It may be true that no security tool protects against the stupidity of a user. Many are not stupid, but simply uninformed about the particular subject matter.
So, calling the merely uninformed "stupid" is not the most diplomatic option. True, again, people that do not want or simply can't learn may be somewhat challenged, yet you might want to keep informing people and teach about what you know, before calling people stupid. A good number of people want to know, want to learn and are willing to learn.
Thanks!
WK