I agree with needing to make it simpler for the end user. Rotating keys, for example, would be very disruptive, and I'm honestly very unlikely to do it. That said, my use case is not typical of 99% of users. Multiple workstations, multiple git repositories with push access, IMAP over ssh tunnels mirrored to multiple machines using offlineimap, cronjobs, etc. I expect my security burden to be somewhat higher than most (if you're reading this, you're the 1% too). So, +John Stultz
s advice is relevant to me anyway, while I agree with +Eugene Crosser
that we generally need to make technology more secure out of the box for typical use cases.