As pointed out by others up-thread real financial institutions like banks have multi-layered security procedures. I haven't used Mt Gox yet so I'm not going to trash-talk their log-in security; but if it is anything like any of the banks I've used a weak password would not be an open-sesame to a hacker.

First the hacker bot would have to guess a user-name. "A" Not recognized. "B" not recognized. "C" not recognized. At what point should the log-in system cut off the bot and direct it to call customer service? Suppose it gets lucky at "AA" So now it has to provide a password. Perhaps it has a list of common passwords to try first. "Password" not it. "password" nope. "PASSWORD" -- Message from system: "Too many log-in attempts. Please call customer service." If Mt Gox allowed password cracking bots to run wild on their system (and I doubt that they did) they need to be shut down now.

Modern banking systems work fine with ordinary everyday people, if Bitcoins require computer security geeks to use them safely, while "idiots" lose their life savings, Bitcoins are going back to zero.