Using crypto is hard. People lose keys, forget passwords, don't transmit keys in a secure way, don't store keys in a secure way, revoking keys, checking for revocation, using third party services like webmail and so on. Strong crypto is like losing your house key and being told that sucks, but since it's an impenetrable bunker with an unpickable lock there's nothing you can do but start from scratch.
I agree that this is roughly the problem. I don't use GPG to encrypt my email, for example, because nobody I know has anything installed capable of decrypting is or even verifying the signature.
I could tell them to download/install things, and even if they were somewhat willing to give it a try, there's a big problem.
So I'll admit that I haven't bothered with it in years, but I suspect that it hasn't improved dramatically because (and this is part of the problem) usability for these kinds of things never seem to improve. So what I'm going to say may not be 100% accurate, based on past experience, here's a general overview of the sort of thing that happens:
Joe Sixpack hears that he can encrypt his email and read friends' encrypted email if he just installs Enigmail for Thunderbird. He's a little confused by this, since he doesn't know what Enigmail or Thunderbird is, and he just uses Gmail. But let's assume Joe Sixpack is smart, interested, and persistent, so he goes looking for answers.
He locates and installs Thunderbird. Ok, weird. It's a weird old-style email application of the kind that Joe doesn't use anymore, and it has tabs for some reason. Joe doesn't really know what to do with that, but he ignores it for now. He gets his email set up and working.
Joe goes looking for Enigmail, and finds out that it's a plugin of some kind. He finds a site with an install button. He clicks it, and... it downloads some weird file. Joe doesn't know what to do with this. He double-clicks on it, and it doesn't run. He drags it to the Thunderbird window, and nothing happens. Confused, Joe googles around for answers, and finally finds install instructions. Yay! Enigmail is installed.
Joe runs Thunderbird and tries to click on the buttons that Engimail added, and... nothing happens. Is it working? No, there's some weird error message. Joe googles that error message, and finds that he needs to install GPG, too. Nobody told Joe about GPG. Oh well. He googles GPG, and downloads an installer. He runs it, GPG is installed, and he tries again. Now he gets a different error. On researching that, it turns out that he downloaded the wrong GPG installer. He needs a different one, though it's not clear why. Joe locates the correct installer, downloads and installs that, and bingo, things seem to be working now.
But now Joe is being prompted for information about... I don't know, something about fish? There are lots of letters and what Joe thinks are acronyms or something. Who knows. He needs to enter a password, and there's something about "keys"....?
Joe's thinking, "Wait, so I need to make 'keys' and back them up? Where do I back them up. I'm being warned that if I lose them, I lose all of my info, but there's no clear way to back them up so that I can't lose them." He forges ahead, creates the keys. Uploads something to a server somewhere-- public keys. "I guess that's fine for them to be uploaded. It says they're public. But then were did those keys go? I can't find the files. How do I back them up if I can't find the files." Finally, "Ok, fuck this. I don't want to deal with this. I don't even know anyone else who encrypts their email, so why am I doing all this?"
Joe calls it quits for a couple of months, and then gets curious and decides to try again. By this time, he's lost his keys, and he realizes that losing keys is a real danger. Meanwhile, in the process of screwing around with things, he finds that his old public keys are still on a server somewhere. They have no revocation date, and he doesn't have any means to revoke them, so they're just there, potentially confusing. Joe spends a couple hours trying to figure out that little problem, and then gives up for good this time.
Sorry, I rambled on a bit there, but the point is, there's no real support or infrastructure for this kind of encryption. There's no friendly GUI. It's not built into the applications that people already use, so they have to get multiple plugins, and then other supporting files for those plugins. It's just a mess before you even get to key management, and there's not really a good, iron-clad key management system.