How does a password manager like keepass key file be used to increase the security?
Since the password database cannot be decrypted without the key file, the key file needs to be stored somewhere - much like the password database itself. Why is the key file harder for an adversary to get at than the password database itself?
I read the information presented on Wikipedia regarding KeePass and it states that KeePass Password Safe is a free and open-source password manager primarily for Windows. It officially supports macOS and Linux operating systems through the use of Mono.[2] Additionally, there are several unofficial ports for Windows Phone, Android, iOS, and BlackBerry devices.[3][4][5][6][7] KeePass stores usernames, passwords, and other fields, including free-form notes and file attachments, in an encrypted file. This file can be protected by any combination of a master password, a key file, and the current Windows account details. By default, the KeePass database is stored on a local file system (as opposed to cloud storage)
In addition to acting as "something you have", the option to use a KeePass Key File allows for more flexibility in the other two factors ("something you know" and "something you are") without having to explicitly implement such behaviour in the application.
Example 1: "Something you know" could be run through a custom or stronger key derivation function than KeePass (especially v1.x compatible) can support; then loaded in as a keyfile.
Example 2: "Something you are" could be run through a biometric scanner that writes out a biosignature which is then run through a trapdoor function and/or key derivation function to be loaded into KeePass which has no native awareness of biometrics, especially on operating systems with no "TWAIN" equivalent biometric standard.
Example 3: "Something you are" in the more generic sense of prove you are a human* by regenerating the keyfile (or one stage thereof) from a human typing in a CAPTCHA image (or one or another possible successors) stored publicly along with the keystore.
Basically, the keyfile option can act as a generic catch-all for any entropy source you can imagine - within the limit of the underlying keystore encryption scheme (256 bit for KeePass).