It isn't very easy. But I think there are enough well designed tools (password manager services with automatic synchronization and convenient browser plugins) that make it not too difficult to use either. Education absolutely is key; and the guides and tools to help with that can likely always get better. But the biggest factor to teaching new users how to use these tools and why it is important to do so is motivation. With sufficient motivation I don't think learning these things is that big of a barrier.
That motivation comes in the form of money. Sure if the user is just dealing with data that they don't care much about (maybe they just don't value their privacy all that much) then the motivation isn't very strong to learn how to properly secure your account. But when we are talking about people protecting their hard earned money, that motivation shouldn't be that difficult to find.
That is one of the beautiful things about Steem. There is a financial incentive to motivate people to jump through various hoops to learn these new and difficult things that people in the blockchain space are forced to deal with (things like securing passwords / private keys and using cryptocurrency exchanges). If you want to actually get this money in a usable form to spend it on things you need like rent and food, you have to spend some time and effort to learn these new processes and tools. (But hey, you normally need to spend time and effort to earn money from your job anyway.) And when these things are learned once, it becomes easy to transfer those new skills to other applications/services in the blockchain space.
RE: How to join the HERO Challenge as Leader and Participant