That seems like a very dogmatic attitude. Security almost always comes at some cost (e.g., inconvenience), and sometimes that cost is not worth the benefit.
Yes, I agree with you. It pretty much always comes at some cost and "user-friendliness" hurts most of the times. But it is exactly that "easy-to-use" design that leads to security holes like the one presented here.
And I stand by what I wrote earlier, if you want to add some security options then they should be enabled by default. Having even the best security system in-place is useless when it's disabled. Isn't it?
That seems like a very dogmatic attitude. Security almost always comes at some cost (e.g., inconvenience), and sometimes that cost is not worth the benefit.