Also I have a question. If it is that easy to just paste the privkey, if anyone puts in random numbers and tries to import keys, what is preventing this from being done? Is it going to ask me for my passphrase when I am trying to spend these funds?
Mathematics. Compared to the number of private keys that can exist, winning the lottery looks like a sure thing. It is an absurdly large number and even if all computers in the world worked nonstop with the sole purpose of looking through those keys for money, it would take an ungodly number of years (millions/billions/longer).
I believe that if you import a private key into a wallet, there is no passphrase associated with it. In other words, keeping a copy of your private key can help ensure that if you forgot your passphrase, you'll still be able to get at your funds through the key.
For someone to get your key, though, they will need either your wallet.dat file AND your passphrase, or your key.
You can get your key via a fresh, temporary install (run it off a USB drive) of Linux, and either put it on paper or another USB drive. Then keep it somewhere safe. Then have an extremely safe password. Only keep a smaller wallet for spending (when DRK becomes a coin you routinely spend), and keep the larger wallet with more funds offline.
There is no way around it; we all have to be responsible for our wallets, just like we have to be responsible for our cash. Unfortunately, there is no insurance program (yet) like you get at a bank, that covers your deposit when the bank is breached. But on the other hand, you don't have to pay for those things either. Someday, someone might insure people's wallets as a service, but it'll be an opt-in rather than mandatory.
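The "Mathematics" answer above, put into numbers, as an added example that is not part of the original posts. It assumes secp256k1 private keys and 160-bit address hashes, as in Bitcoin-derived coins; the guessing rate and the count of funded addresses used in the comments are constructed, deliberately generous figures.

```python
import math

# Order of the secp256k1 group: the number of valid private keys (just under 2**256).
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

# Assumption: an address is a 160-bit hash of the public key, so a random key
# "wins" if it hashes to any funded address. That makes 2**160, not 2**256,
# the space a guess is effectively drawn from.
ADDRESS_SPACE = 2 ** 160
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def hit_probability(guesses, funded_addresses, space=ADDRESS_SPACE):
    """Chance that at least one of `guesses` random keys lands on a funded address."""
    per_guess = funded_addresses / space
    # 1 - (1 - p)**k, computed with log1p/expm1 so a tiny p does not round to 0.
    return -math.expm1(guesses * math.log1p(-per_guess))


def years_to_reach(target_p, rate_per_sec, funded_addresses, space=ADDRESS_SPACE):
    """Years of guessing at `rate_per_sec` needed to reach hit probability `target_p`."""
    per_guess = funded_addresses / space
    guesses = math.log1p(-target_p) / math.log1p(-per_guess)
    return guesses / rate_per_sec / SECONDS_PER_YEAR


if __name__ == "__main__":
    rate = 1e18        # constructed: guesses per second, far beyond real hardware
    funded = 10 ** 8   # constructed: number of addresses holding funds
    one_year = rate * SECONDS_PER_YEAR
    print(f"chance of any hit after one year: {hit_probability(one_year, funded):.3e}")
    print(f"years for a 50% chance:           {years_to_reach(0.5, rate, funded):.3e}")
```

Passing `space=SECP256K1_N` instead models guessing one specific private key rather than any key that maps to a funded address.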
