Posts: 98 | Thanked: 31 times | Joined on Nov 2009
#129
Originally Posted by zwer
The thing is that rarely any app out there which stores passwords locally warns you about how insecure your passwords are. How is it any different from some other IM (Trillian, Miranda, even Digsby when `Auto Login` is used...)? They all store passwords locally, either in plain text or at best base64/ROT13 encoded.
Just because the norm is to encourage, or have, some insecure method of storing passphrases doesn't mean it should be taken as the best method of doing something. The idea that storing passphrases locally is bad, and therefore no security is better than some, _without_ educating the user, is flawed imho.

If we look beyond the single application to the user environment, we already have tried and tested methods such as the GNOME keyring (etc.) which provide a certain level of protection between sessions. Sure, a trojan (or admin) can grab those passwords during the session, but does that mean they shouldn't use it?

If we take the above reasoning to the extreme, then unless some token system is used, we really should enter the passphrase _each time_ it is used, because if an application requires access to the passphrase during the session, it doesn't matter whether it is stored locally or in memory; it can be compromised. That would mean each time you access an https connection you would need to type in a passphrase, each time your wifi needs to establish a connection you would need to type in a passphrase, and so on.

Of course the above example is silly, but the point I am trying to make is that there needs to be a balance between security and usability (for the average user).

Also, I firmly believe that a secure system is a combination of little measures that are transparent to the user, combined with user education. When a decent server admin hardens a box, they don't just do one thing but lots of little things which on their own don't seem like much, but all together make the box a lot harder to compromise and make the target less tasty for the would-be attacker.

A FAQ posted on a site somewhere just sounds like a prepared excuse to laugh at people who have been compromised because they just didn't know better.
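The contrast the post and the quoted reply are arguing over (base64/ROT13 "encoding" versus a keyring that encrypts at rest and is unlocked for the session) can be made concrete in code. The block below is an added example, not code from this thread, from any of the IM clients named, or from GNOME Keyring itself; the function names, the stored-blob format, the PBKDF2 iteration count and the HMAC-in-counter-mode keystream are this example's own choices (a real keyring should use a vetted AEAD such as AES-GCM or ChaCha20-Poly1305 from a crypto library, and scrypt or Argon2 rather than PBKDF2). It runs on the Python standard library alone and shows that the "obfuscated" form is recoverable with no secret at all, while the keyring-style form yields nothing at rest without the login passphrase and rejects a wrong passphrase or a tampered file, yet still holds the plaintext in process memory once unlocked, which is exactly the in-session window the post concedes to a trojan or an admin.

```python
"""Obfuscated vs. keyring-style local credential storage (added example).

Nothing here is from the thread or from GNOME Keyring; names, file format
and parameters are assumptions made for illustration.
"""
import base64
import codecs
import hashlib
import hmac
import json
import os
from typing import Dict, Optional, Tuple

# ---- "Encoding" as the quoted post describes: ROT13 and/or base64 ---------

def obfuscate(password: str) -> str:
    """ROT13 then base64. No key is involved, so this is not encryption."""
    return base64.b64encode(codecs.encode(password, "rot13").encode()).decode()


def deobfuscate(blob: str) -> str:
    """Anyone who can read the file recovers the password; no secret needed."""
    return codecs.decode(base64.b64decode(blob).decode(), "rot13")


# ---- Keyring-style storage: encrypted at rest, unlocked per session -------

PBKDF2_ITERATIONS = 100_000  # assumption: tune upward for your hardware


def derive_keys(passphrase: str, salt: bytes) -> Tuple[bytes, bytes]:
    """Derive independent encryption and MAC keys from the login passphrase."""
    km = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt,
                             PBKDF2_ITERATIONS, dklen=64)
    return km[:32], km[32:]


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 over (nonce || counter) as a PRF keystream.

    Toy stream cipher for illustration; production code should use an AEAD
    from a real crypto library instead of hand-rolled XOR.
    """
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"),
                        hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def lock(passphrase: str, secrets: Dict[str, str]) -> Dict[str, str]:
    """Encrypt-then-MAC the secrets; the returned dict is what hits the disk."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = derive_keys(passphrase, salt)
    plaintext = json.dumps(secrets).encode()
    ct = bytes(p ^ k for p, k in
               zip(plaintext, keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    return {"salt": salt.hex(), "nonce": nonce.hex(),
            "ct": ct.hex(), "tag": tag.hex()}


def unlock(passphrase: str, blob: Dict[str, str]) -> Optional[Dict[str, str]]:
    """Verify the tag before decrypting; None on wrong passphrase or tampering.

    After a successful unlock the plaintext lives in this process's memory for
    the rest of the session: at-rest protection only, as the post says.
    """
    salt, nonce, ct, tag = (bytes.fromhex(blob[k])
                            for k in ("salt", "nonce", "ct", "tag"))
    enc_key, mac_key = derive_keys(passphrase, salt)
    expected = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    pt = bytes(c ^ k for c, k in zip(ct, keystream(enc_key, nonce, len(ct))))
    return json.loads(pt)


if __name__ == "__main__":
    # Constructed sample credentials, not real ones.
    creds = {"jabber": "hunter2", "wifi": "correct horse"}
    enc = obfuscate("hunter2")
    print("obfuscated on disk:", enc, "-> recovered:", deobfuscate(enc))
    blob = lock("my login passphrase", creds)
    print("keyring file ciphertext (hex prefix):", blob["ct"][:16], "...")
    print("wrong passphrase:", unlock("guess", blob))
    print("correct passphrase:", unlock("my login passphrase", blob))
```

The salt and nonce are fresh per `lock()` call, so two keyring files for the same credentials share no bytes; the tag is checked with `hmac.compare_digest` before any decryption so a tampered file is refused rather than partially decoded.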