Board: Web Wallets
Topic: Re: Blockchain.info - Bitcoin Block explorer & Currency Statistics
by ErebusBat on 16/01/2013, 15:19:47 UTC
What is the difference between writing down the mnemonic and just writing down the password?

There is essentially no difference. But the mnemonic is case insensitive, never contains symbols and has a checksum so is more suitable for writing down.

But password recovery always makes me uneasy - if my password can be recovered by me, it can in principle be recovered by somebody else.

True, it is an optional feature. Viewing the mnemonic now requires entering the main and second password so anyone hoping to grab it would have to know the password anyway. Really I am just trying to noob proof the site a bit.

I hear you piuk... I have to deal with users too and nothing turns people more sour than when they forget their password to the new magic internet money site they heard about on the new hit CBS drama last week and now the site 'stole' their money... I hear your pain.

My gut agrees with some of the others for a way to 'disable' this for those of us who want a little more security.

However I would like some more information before I ask for a change.

How exactly is it implemented? What strength does the mnemonic provide (bits etc)? I assume you are using the Electrum seed encoding (interactive en/decoder at brainwallet)?

I can think of one basic way this would work: You generate an XXX-bit random key (or derive it from my password) and my password encrypts that key. The mnemonic is of the key.

My concern is that there is an addition of another way to decrypt my wallet (or worse, my password itself).  The reason it concerns me is if there is an attack vector discovered in the future.  Passwords are in closures now and that is great, but what if someone finds a way to extricate the mnemonic in the future?  Now we are trying to protect two things, rather than one.

I agree that for most people this probably wouldn't be an issue (probably isn't even for me, I am just a freak), but having the option of turning it off would be nice.  Even better would be a decoy option where the values are still there in memory, but just garbage so if an attacker ever found an exploit they would just get garbage.  However knowing what I know about the way the service works they would just be able to check the decoy flag and compensate, so that probably wouldn't work anyway.

I really do hear your pain with new users so I 100% understand and support why you did this.  I would even be in favor of a 'hidden' option where you had to enter a special #tagOption by hand or something so that the 'average' user (your target demographic with the mnemonic) wouldn't even see it as an option to turn it on.
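
Added example, not part of the original post and not Blockchain.info's code: a sketch of the scheme guessed at above (a random key wrapped by the password, with a checksummed, case-insensitive mnemonic of that key), showing that the mnemonic becomes a second, independent way to recover the key. The syllable alphabet, the 2-byte checksum, the PBKDF2 parameters and the XOR wrap are all assumptions chosen for the illustration.

```python
import hashlib
import secrets

# Constructed 16-syllable alphabet (one syllable per nibble); NOT the Electrum wordlist.
SYL = ["ba", "de", "fi", "go", "hu", "ka", "le", "mi",
       "no", "pu", "ra", "se", "ti", "vo", "zu", "wa"]
IDX = {s: i for i, s in enumerate(SYL)}

def checksum(data: bytes) -> bytes:
    # Assumed checksum: first two bytes of SHA-256 over the key.
    return hashlib.sha256(data).digest()[:2]

def to_mnemonic(key: bytes) -> str:
    """Encode key + checksum as one 4-letter word per byte (letters only)."""
    return " ".join(SYL[b >> 4] + SYL[b & 15] for b in key + checksum(key))

def from_mnemonic(text: str) -> bytes:
    """Decode case-insensitively; reject unknown words and checksum failures."""
    out = bytearray()
    for w in text.lower().split():
        if len(w) != 4 or w[:2] not in IDX or w[2:] not in IDX:
            raise ValueError(f"unknown word: {w!r}")
        out.append(IDX[w[:2]] << 4 | IDX[w[2:]])
    key, tag = bytes(out[:-2]), bytes(out[-2:])
    if len(out) < 3 or checksum(key) != tag:
        raise ValueError("checksum mismatch: transcription error")
    return key

def kek(password: str, salt: bytes) -> bytes:
    # Password-derived key-encryption key (iteration count is an assumption).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=16)

def wrap(key: bytes, password: str, salt: bytes) -> bytes:
    # Toy wrap: XOR with a same-length PBKDF2 output, no integrity protection.
    # A real design would use an AEAD or AES key wrap.
    return bytes(a ^ b for a, b in zip(key, kek(password, salt)))

unwrap = wrap  # XOR is its own inverse

def demo():
    key = secrets.token_bytes(16)          # 128-bit wallet key
    salt = secrets.token_bytes(16)
    blob = wrap(key, "correct horse", salt)
    words = to_mnemonic(key)               # 18 words: 16 key bytes + 2 checksum
    via_password = unwrap(blob, "correct horse", salt)
    via_mnemonic = from_mnemonic(words.upper())  # needs no password at all
    return key, via_password, via_mnemonic, words
```

Both recovery paths return the same 128-bit key, so under this design the written-down mnemonic has to be protected as carefully as the password.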