Were that me (I used KP), it would be in a different kdbx file. This is one of the benefits of KP, I have about 8 different vaults for various things. I don't like putting my eggs in one basket.
You lose the convenience of one file though. In this case you might as well use a purpose built encryption tool rather than force KeePass into this usecase. A VeraCrypt container or encrypted overlay filesystem are a significant performance and UX upgrade since you are already willing to concede managing one file.
That's true regarding the one file convenience but from another angle it's a separation of concerns, especially considering it's a pdf accessed very occasionally.
I maybe half agree with you about the encrypted overlay filesystem but only in respect to files, not passwords though. I tend not to keep files in KP, if I need a singular encrypted file I'd probably 7zip it (7z format) with a password and encrypt the filenames. The password goes in KP as does the location.
Yes we agree. Keep the passwords in the password manager and keep the files in the EOFS. If you need true seperation between those files, just make different containers or FS for them.
