by ansy 3121 days ago
Insecure by default is flawed by default.

Unless a product requires certification to use, it can’t rely on expert knowledge to provide safety.

2 comments

Imagine that you created a tool that had all security features enabled. The usability of it would be incredibly low and the barrier to entry so high that hardly anyone would use your tool. The idea behind allowing "open access" is to allow for a new user to learn the most important aspect of your tool by realizing what problems it solves.

Of course, from a security standpoint, people will still make mistakes like this, but the onus is NOT on the tool developers. They make it configurable for a reason.

Sorry, a world where every tool is riddled with security holes by default and every developer needs to learn them inside and out to close them all through configuration is a ridiculous burden.

Is it really that difficult to require someone to set a secure password before a product is usable?

If you don't bother to read the manual for a piece of software upon which your business depends, that's your own fault.