"It's likely that most are compromised and the public isn't aware just yet."

What do you mean, that an offline generated recovery phrase is likely compromised without us knowing it?

You are talking about booting Tails and generating a seed with Electrum without going online? Or also if we use a hardware wallet?

Discussion

Are people that badly educated?

I mean, sending sats to an exchange or "service" for yield, I guess some might still fall for it, but it has nothing to do with a recovery phrase ("seed") getting compromised.

Proper management of the recovery can be tricky at first and some might make mistakes, but depending on their threat model and the amount involved, that might still be good enough. When the threat model changes and the amount gets more significant, people can take new measures to improve their strategy.

I would say that most people have a recovery that has been compromised; it means (for me) that someone else got access to it and made a copy, waiting for the value to be high enough to steal the sats. Or that a copy would theoretically be accessible by a hacker, virus or malware hidden in another software, which should not be the case for a wallet generated offline (on a temporary OS or hardware wallet).

Passphrases, multiple wallets, multisig and miniscript wallets can all be options to improve and mitigate various risks, each with their pros and cons.

How can we improve users' knowledge to help them figure out what is best for their situation?

All valid suggestions. Each will figure out what works for them.