I think the GP's point was that the "someone else having access" bit affects everyone, not just homeless people, if the company makes it easier to reset/regain access to accounts.

Bottom line, though, is that these companies should be required to find a way to maintain that high level of security, but also have a process so anyone who loses account access can get it back in a reasonable amount of time.

Once a hacker gets access they immediately change the password, and then the homeless person loses access anyway.