It seems like it doesn't matter what the username/password combination is supposed to be protecting, it's the same every time.  A lot of users just use silly passwords because they don't manage to remember something more advanced, and don't give much thought into what would happen if someone can access the data you're sitting on now.

I used to work as a sys.admin at a university with 30k students, and we used to crack passwords every now and then, our average was 500 passwords found by the first day every time.