Just thinking out loud here, but could a security feature be implemented that would only allow an account to send powered down steem to a beneficiary account specified by the user unless a certain length of time passes? For instance, you could set a beneficiary account called @beneficiary or whatever. If you power down steem, that steem could only be sent to @beneficiary for 3 months. That way someone would have to hack two accounts to gain the funds and this would reduce the security risk for instant power downs. Once you transfer the funds to @beneficiary, they are unlocked and free to go anywhere, such as exchanges, etc.
And while more complicated, maybe it isn’t all that much more complicated for the general masses while still maintaining security?
A little bit complicated. Also, if the hacker gets the active key, they can change that power down recipient account, unless you put it on a timer that takes 30 days to effect such a change. A two-account security feature may be too many keys for the average Joe to think about and potentially lose. Currently there are vesting routes you can set with the active key.
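
The two ideas in this thread (a beneficiary-only lock on powered down funds, and a 30-day timer on changing the beneficiary) can be modelled together. This is an added example, not Steem code and not written by either commenter; the class, its method names, and the reading of "3 months" as 90 days are assumptions.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

DAY = 24 * 60 * 60
LOCK_PERIOD = 90 * DAY    # "3 months" from the post, taken as 90 days (assumption)
CHANGE_DELAY = 30 * DAY   # the 30-day timer suggested in the reply


@dataclass
class PowerDownGuard:
    """Hypothetical model; not Steem's vesting-route implementation."""
    beneficiary: str                 # only allowed destination while locked
    powered_down_at: int             # unix time the power down completed
    pending: Optional[Tuple[str, int]] = None  # (new beneficiary, effective time)

    def request_change(self, new_beneficiary: str, now: int) -> int:
        """Queue a beneficiary change (active-key action); returns its effective time."""
        effective_at = now + CHANGE_DELAY
        self.pending = (new_beneficiary, effective_at)
        return effective_at

    def current_beneficiary(self, now: int) -> str:
        """Apply a queued change only once its delay has fully elapsed."""
        if self.pending and now >= self.pending[1]:
            self.beneficiary, self.pending = self.pending[0], None
        return self.beneficiary

    def may_send(self, destination: str, now: int) -> bool:
        """Locked funds go only to the beneficiary; after the lock, anywhere."""
        if now - self.powered_down_at >= LOCK_PERIOD:
            return True
        return destination == self.current_beneficiary(now)


if __name__ == "__main__":
    guard = PowerDownGuard(beneficiary="beneficiary", powered_down_at=0)
    # Constructed scenario: the active key is stolen on day 1.
    print(guard.may_send("attacker", now=1 * DAY))               # False
    print(guard.request_change("attacker", now=1 * DAY) // DAY)  # 31
    print(guard.may_send("attacker", now=20 * DAY))              # False
    print(guard.may_send("attacker", now=31 * DAY))              # True
```

The delay only buys time: the final call returns `True`, so the scheme protects funds only if the owner notices the pending change within the 30 days.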