That's a very good point. I guess I'm too used to thinking in terms of desktop applications that don't have a bunch of money attached to them

In which case, I could create a patch where:

1. The non-sensitive commands you mention are accessible without a password.
2. The RPC server is enabled by default, but without a password only non-sensitive commands are accessible.
3. An additional -noserver option forces the RPC server off, even for non-sensitive commands.

Does that sound better?

(The Bitcoin URI command sounds like something that should be dealt with in a follow-up patch.)

I'd like to suggest that the RPC server for the Bitcoin client be enabled by default. This would make it easier for other applications to integrate with the Bitcoin client, without the user having to add command-line arguments and configuration values.

This could be achieved by creating a random RPC password if none is set in bitcoin.config. The password could then be written to a file like "bitcoin.password" in the data dir.

Along with this change we'd probably want to deprecate the "-server" flag (since the RPC server is enabled by default), and possibly add a "-noserver" flag that would disable the RPC server.

Does this sound like a good idea? I can put together a pull request if this sounds an acceptable enhancement.