I am also thinking about adding an "advanced" feature where your wallet is encrypted on our servers using a strong passphrase that you have to remember and use every time you login.
But even if this is done right, on first use you would then have my decrypted wallet on your host. I'm still having to trust that you don't keep a copy.