Also the passphrase is converted into the AES key by doing ~10,000 SHA-256 operations. Unless you remember a significant portion of the passphrase (i.e. remember passphrase as "This is my password" and it actually is "This is my p@ssword" it it computationally infeasible to break into your wallet.
Of course if you could brute force your own wallet so could an attacker which would make encrypting it worthless to begin with.
This exactly. Why use encryption if there's a backdoor.