Computerworld published an article today "Study: Weak passwords really do help hackers" in which a study at the University of Maryland had four computers online for 24 days. There was 270,000 intrusion attempts (roughly one every 39 seconds). Approximately 825 attacks were successful.
Most of these attacks used dictionary scripts. Thus weak passwords were usually quickly guessed. The project leader, Michel Crukier, stated "Weak passwords are a real issue," Cukier said."
Enterprises still using passwords must strengthen their passwords users choose in order to help mitigate the threat from password attacks.