I do agree, but with the popularity of Wordpress, I see more and more larger companies using it as a solution. I think the bigger issue is having the site penetrated, then silently serving up malware to your clients, than defacement or anything that would receive attention. I'm not familiar if there is a plugin or solution for integrating a password checking service with Wordpress. I know that it's not difficult to integrate with other CMS solutions.