Not sure if you meant this in a disparaging context, but (a) app authors could make use of cryptographic acceleration instructions, (b) this particularly goes double for "Apple keyring" or whatever the Android equivalent, those will definitely get acceleration right off the bat, and (c) people overestimate how long those tasks take anyway. I have KeePass set up so that it takes 1 second per attempt on a fast processor, and my J5005-based NUC takes about 3 or 4 seconds to decrypt it. Probably about that long on my iPhone as well. Annoying, a bit, but it's not like you're waiting there for literal minutes either.

And ideally that stuff could be moved into an on-processor secure enclave, so it's not executing on general cores at all. That way you straight-up can't even get to the data to try decrypting it, it just stays inside the enclave and the enclave doles out a single password at a time if and only if the password matches.

It's hard for me to believe that you are typical of the rest of the world.

My guess is that one Tiktok video consumes far more CPU cycles than decrypting dozens of passwords.

I don't see how "average users don't do high-security tasks" somehow helps the argument that "high-security tasks are rarely high-intensity tasks".

I’m fairly sure that all around the GUI is way more intense than that.

Running argon on 6 cores with 64 MB of memory for 50 iterations is more intense than 2D rendering. The CPU runs full tilt for about 2 seconds.