Totally agree pfunk; I sat with someone yesterday, while she created an account. I had to go completely overboard about using a unique password and saving it in triplicate.
It took about 2 minutes of me going overboard before she got it and agreed to keep it safe.
Is it possible to detect if the person copied it to clipboard?
If so perhaps a message saying "You have not copied this password, Steemit cannot recover passwords, if you lose this key, all potential profits will be lost, would you like to copy this to clipboard now?"
Then if they say no; an "are you sure screen" if they say yeah I'm sure, then an are you sure you're sure.
Then if they still say no, don't want to copy, then an "OK, on your own head be it screen."
I personally didn't get that when I signed up, but luckily I'm pretty disciplined with passwords after some very frustrating experiences.
CG
The biggest problem with all this is that Google, Facebook, banks and other similar sites all have the ability to recover or reset passwords. Might be a little bit of a pain to do but with a small amount of effort you can get back into an account when you forget your password. So the masses have been trained that password losses are recoverable. Only in the crypto world are people on their own safe guarding their wallets.
But more and more people coming to Steemit have little or no previous experience with crypto. So they don't understand that there is no help desk to call when they forget their password. That's the biggest problem, this is uncharted territory for them. They don't realize until it's too late that there is no fallback plan if they haven't made one themselves.
I concur. Since the steemit community is inviting the masses here, they must make the danger of losing your password explicit, bold, and crystal clear to the user at every step.
You can prevent copy / paste in browsers as far as I am aware.