Propose a scheme. I don't know how to do it so that the upside exceeds the downside. If you do, please share.
If I use GPG for my e-mails in Evolution, for every encrypted e-mail it asks for the password.
Why not implement this also in a bitcoin client: for every transaction the password is required, and the wallet is decrypted but not saved on HD, only in RAM when it is needed for the transaction.
This way the wallet is never decrypted in a file on the HD and is difficult to be stolen.