It's not stupid they reject. It's clunky. Vista's UAC was clunky, as was the CueCat that missed half the time. Used to have one and hacked with it, but the LED died on it.
Stupid can work if it's simple enough and popular enough. Look at Facebook and Twitter. Not to mention biometric and Bluetooth locks (tempted to play with one, only for low-security stuff, though). But it does pose that perennial challenge: combining high security with high stupidity.