Yes I agree their security is heavily undermined by the simple fact that their PCs are relying on basic windows user account security to keep their data safe. If someone stole it they could ophcrack it in seconds and have it all. I think I shall just tell them that they NEED to use WPA and that be the end of it.... I don't really want to sit here looking like a fool any longer than I must just to prove something for them, but I do maintain that this is a legitimate post about legititimate security concerns.
Thanks anyway guys, keep up the good work.