All you need to do is put a password on their private key to use it. Most private keys I use have a password required to use.
Let them sign in with their password, and keep the private key unlocked for their whole session.
The only difference is that they get the extra protection from pub key cryptography in a way there minds can comprehend.
Passwords are then client specific, they would need to understand and store their keys if they want to use the same “account” on some other client. The ROI of passwords on top of a client isn’t there IMO. Signers do have a place though, something akin to a nip-07 or hardware wallets. But they require the knowledge of how pubkeys/private keys work as well.
