Among human-readable adresses, .bit/NameCoin could be better but it isn't too bad. Something like half of all BitCoin miners are also part of the NameCoin network now, so it's more secure than you'd imagine given its actual adoption.

Readable isn't the issue IMO, typable is. You can brute-force a pretty onion domain beginning with a few letters you choose, but nobody can remember the random numerical garbage following it.