@Joshua Ochs
You're really asking a lot. "Average PC users" includes a wide range of people, most of whom have had little or no security training. When Windows 7 asks "Can this program do something to your PC?", only a small fraction of them actually understand what's going on. To label them all "stupid" only shows that you don't understand who's playing this game or buying PCs. Feel free to point me to the mandatory security class that comes bundled with every Windows PC purchase though, maybe I just clicked "OK" and skipped it.

Just to provide some perspective, I'm not your average PC user. I've worked in security for almost 10 years, I have multiple certifications and I'm finishing a masters degree in the field. Despite that, I made one mistake by trusting a few websites and was compromised. I've already said it was my own fault, so no need to point that out. But knowing what I do, there's no way I expect an average user to understand every way their PC might be compromised. The only truly guaranteed protection is to not use the computer at all. So I'm absolutely behind anything that gets authenticators into more players' hands, because they provide security that the user doesn't need to understand. It just works.

Now, should it be mandatory? Well that's ultimately up to Blizzard. My suggestion would be to bundle an authenticator with Cataclysm and refuse restoration to any account without one. That would shorten restoration times for players who are actually protecting their accounts, and allow the rest of you who still think you're secure to opt out. Just don't expect much sympathy from your guild when they lose their ICC geared main tank because he thought he was safe.