How would one secure Open Authentication by still retaining the usability?
If you'd like to keep the network open, using a VPN will be your best bet. This will encrypt your traffic (which is otherwise open for anyone to sniff.)
If you're looking to add a disclaimer, you can use the hotspot page here, which allows you to set time limits, quotas, and other things:
WatchGuard Customer Support
Depending on your goals/needs, there is 2 factor authentication, including a new offering from WG
Why is Open System Auth(OSA) still supported given huge security concerns?
Why not just remove this option completely?
You still let user configure OSA without additional security measures. Onus is still on the end user who mostly do not know the differences with WPA2,...
Guest wireless is generally left as open so that anyone can connect to it. There also may be compatibility concerns or customers that simply want it to be open. We provide information about all options in the documentation -- it's up to the customer do decide what fits best into their environment.