True enough.
I guess the thing that horrified me the most was when I was making my first website that involved a login, and I realized that while of course I'm a respectable coder that will securely hash and store only hashes of passwords for comparison, and clear any plain text passwords out of memory immediately, in no way can I guarantee that even a single other person hosting any other site will do the same.
But your average user isn't told that. They'll reuse their passwords over and over and over again, and so while encryption may work mathematically, I have no faith in the average developer to keep their code secure and bug free. (I don't even have faith in myself to keep my code bug free)
And I have no faith in the average user to not use the same password for every site. (steemit excluded of course)
True, but you don't have to worry about they average user. Just yourself :) Sooner or later the average user will catch up.
Perhaps, but that's giving the average user a lot more credit than I'm willing to give. I don't even trust myself to be able to stay afloat as the seas of technology rise. It develops faster than I'm able to keep up with it, and I would guess that the average user is slower than I am.
It's like the old joke goes, "I may sell at a loss, but I make it all up in volume!" It may not matter how long you give the average user.
Regardless, strong encryption is the only thing that can provide reasonable security but it is real. Eventually, applications will be developed that make this easier for every type of communication (and there are already some). I'm sure there was a time when people though driving an automobile was a task beyond the "average user". People adapt and things get easier as the technology develops. You don't necessarily have to keep up with the latest and greatest of everything, just enough to keep yourself secure. It really isn't all that hard and most of the time when true security is needed (i.e. logging on to a banking website) then it is already provided. True, you have to learn not to use the same password everywhere but is that really so hard?