For a little status update on the theft situation, you can also read my posts page 46 of this thread: https://forum.helloiota.com/9284/Call-to-action-lets-catch-the-thief?PageIndex=46
There’s little video snippets somewhere with Koen (IOTA’s Cyber Security Advisor) talking about the theft and how investigations are going.
The Lightwallet actually did have a seed generator for some time in its early days. But from what I’ve heard, people constantly failed to properly backup their seeds and then blamed it on the wallet when they lost access to their funds because of their own mistake...
Result: the seed generator got removed from the Lightwallet.
But I see that you understand that this incident was caused by a criminal and his malicious website, not by the wallet.
Just try to learn as much as you can from this to make sure that such a thing never happens to you again (no matter if it’s IOTA, any other crypto or any other „password“-protected stuff).
However, all self-responsibility aside, you’re absolutely right about the phishing and protecting users as much as possible. And that’s exactly what the Foundation aims for with the Trinity wallet. Trinity comes with some great improvements, including an integrated seed generator.
I suggest also you (re-) read this article, that Koen wrote in order to protect the users. In the future, only use one of the methods he describes: https://blog.iota.org/the-secret-to-security-is-secrecy-d32b5b7f25ef
Once Trinity wallet comes out of Beta you can of course also use Trinity’s seed generator.
All the best for you!
I wouldn't be able to help anyone without thetangle.org-explorer. If you feel like you want to support its developer Mathieu Viossat in maintaining his service, please consider a donation to the address shown here: https://thetangle.org/about. Thank you!