They possible do not understand the implications of this but this ignorance can be costly in terms of poor security.
There are two standards available to protect any WiFi setup and these are WEP (Wired Equivalent Privacy), this is the minimum requirement for safety and WPA (WiFi Protected Access) this comes as WPA1 or WPA 2. Wherever possible I recommend that WPA2 is used; it is far more secure and uses a better protocol than WPA1 and a far superior protection to WEP.
WPA requires you to set up a pass-phrase rather than the usual six digit password.
I would be surprised if a hacker could guess a pass-phrase and it certainly would defeat all but the most determined dictionary attack.
Here I have spoken about the application of basic security for WiFi but without this protection your system is like an open door; at best it allows others to use your bandwidth and at worst it allows access to your system with all the risks that unauthorised access can cause.
Would you leave your front door wide open?