Currently the AES key is the SHA256 of the user-entered password. To make it harder for an attacker who gets hold of an encrypted key file, SHA256 can be replaced by a strong KDF which also uses a salt.
This would make it significantly harder to brute-force decryption of weaker passwords.
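
The change proposed above, sketched as an added example (not code from this project): the current unsalted SHA256 derivation beside a salted, memory-hard one. The choice of scrypt, its cost parameters, and the `KDF1` header layout that stores the salt in the key file are assumptions made for illustration.

```python
import hashlib
import os
import struct

# Hypothetical header layout for this example: magic, log2(N), r, p, 16-byte salt.
HEADER = struct.Struct(">4sBBB16s")
MAGIC = b"KDF1"  # constructed marker, not a real file format


def legacy_key(password: str) -> bytes:
    """Current scheme: unsalted, single SHA-256 pass (cheap to guess offline)."""
    return hashlib.sha256(password.encode("utf-8")).digest()


def scrypt_key(password: str, salt: bytes, log_n: int = 14, r: int = 8, p: int = 1) -> bytes:
    """Salted, memory-hard derivation of a 32-byte AES-256 key."""
    return hashlib.scrypt(
        password.encode("utf-8"),
        salt=salt, n=1 << log_n, r=r, p=p,
        maxmem=64 * 1024 * 1024, dklen=32,
    )


def new_key_header(password: str, log_n: int = 14):
    """Pick a fresh random salt; return (header_bytes, key) for encryption."""
    salt = os.urandom(16)
    header = HEADER.pack(MAGIC, log_n, 8, 1, salt)
    return header, scrypt_key(password, salt, log_n, 8, 1)


def key_from_header(password: str, blob: bytes) -> bytes:
    """Re-derive the key on decryption from the parameters stored in the file."""
    if len(blob) < HEADER.size:
        raise ValueError("key file too short")
    magic, log_n, r, p, salt = HEADER.unpack_from(blob)
    if magic != MAGIC:
        raise ValueError("unknown key file format")
    # Bound the cost parameters so a tampered header cannot exhaust memory.
    if not (10 <= log_n <= 15 and r == 8 and 1 <= p <= 4):
        raise ValueError("KDF parameters out of accepted range")
    return scrypt_key(password, salt, log_n, r, p)
```

Because the salt is random per file, two key files protected by the same password yield different AES keys, so a precomputed table of password hashes no longer applies and each guess costs a full scrypt evaluation.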