I think in the next time the developer would encrypt the wallet file. I have two sheds.
My first is a format for wallet.dat. Can we split the wallet container in two containers? A container with all "public keys" (not encrypted) and one encrypted with "private keys" thus we can see the BTC which are in a wallet whithout any password but if we would send BTC to a new adress we must enter a password to decode the private keys.
The next is how we enter a password in the BTC client. I think a safe way is to integrate a virtual keybord in the bitcoin client where the user can enter a password by clicking on the screen, this had the advantage that no keylogger can capture the password. But for barrier free design the normal keyboard must also accepted.