Nobody is going to input a password into a client they downloaded and then put all their savings into that Bank. There needs to be a lot of focus on private security if we want people to use BitShares X as a bank.
we could force the user to print out a backup sheet paper which states the private code of their account key in QR code, HEX format and WIF format ... possibly BIP38 encrypted ..
From my naive viewpoint, no technical background, here are some of my worries:
1. I forget/lose my password.
2. I lose my wallet/PC crashes.
3. The download was malicious.
4. The download was intercepted.
5. Keylogger records my password.
6. What I am invested in crashes.
By an exchange with 2FA risk of 3, 4, 5 are eliminated. Anti-virus etc. reduces risk of 4 and 5. Using multiple exchanges, and multiple wallets, multiple devices, with multiple passwords, and multiple backups, 1 and 2 are mitigated. By investing in multiple assets (including bitAssets) risk of 6 is mitigated.