yeah, I'd go further to say that the actual setup of getting an npub keypair and wallet is easy, but the ongoing maintenance and security of them is more tricky.

Integration of wallet to client is finicky most of the time, and stuff like NIP-05 verification is very much seen as extra steps after sign up, rather than part of the initial sign up process.

Then there's the whole thing about setting up relay lists...