ELI5
Imagine putting your toys in a box. Then you put a lock on the toy box. Only you know the combination to unlock the box. You need to remember the combination in your head, because if you write it down, one of your enemies might find the combination and steal your toys.If you want to give a toy to one of your friends, you will need to use the combination to unlock the box. Once you open the lock, it's not as safe to put the toys back in the box and lock it again. Someone could have seen you enter the combination. The lock might not be designed well, and after you unlock it once, it's easier for someone else to unlock it again. You should put the remaining toys in a new box with a new combination.
End of ELI5.
BIP38 uses robust, slow, and difficult to brute-force encryption. It does allow users to put in their own password though, and users can make bad decisions. It doesn't prevent you from putting "password" as your password, or trivially short passwords that would be found quickly.
