The article is about a tradeoff between security and user experience, claiming that a given practice is bad experience without any security gain.
The Ashley Madison leak shows that there are plenty of vulnerable users who are not educated to even "the most basic" things to do to protect their privacy.
It's also a question of user experience to protect users against themselves, or against threats they don't know about.
Saying "it's up to the user to do the right thing" isn't really helpful in the context of discussing account creation/login UIs.
Perhaps not when considering only the points made in the article, but in the grand scheme of things, yes.
If you’re worried about your opsec (not the sites, and if you’re worried about your opsec, you should treat the site as having no security measures whatsoever), ux is secondary to you, because in the case of a leak you should be in a position where you can plausibly deny everything. And you shouldn’t expect the site to help you with it.
The article is about a tradeoff between security and user experience, claiming that a given practice is bad experience without any security gain.
The Ashley Madison leak shows that there are plenty of vulnerable users who are not educated to even "the most basic" things to do to protect their privacy.
It's also a question of user experience to protect users against themselves, or against threats they don't know about.
Saying "it's up to the user to do the right thing" isn't really helpful in the context of discussing account creation/login UIs.