[rdl]

Of the smartphone OSes and hardware currently available, only RIM has what I'd consider good security, and Apple iOS is pretty good. Android and WP7.5 have basically no hardware-based protection, and given the UI/UX of the phone, it's unreasonable for people to use passphrases resistant to offline brute force attacks -- all the work factor stuff with scrypt/bcrypt/etc. doesn't apply when you have a huge asymmetry between normal use hardware (slow, cheap, low power phone) and attacker (general purpose CPU attached to the wall).