I absolutely agree with the passwords needing to be explicit that once you forget your password, sorry no dice. There have been some new people that found this out the hard way unfortunately.
Honestly, I think the 12 words recovery is the best option for Steem that other coins and HD wallets are using. That way, if all else fails, they for sure have a backup of their password hash.
RE: A Detailed Look at The Account Registration Process for Review, Comment, and Suggestion From All Users