heh, it's a problem w/ the prevalence of llamaserver's games, as those don't use passwords.
when i first started playing, i never bothered to p/w. Norfleet convinced me otherwise
however, if the server maintains some sort of connection history, as to whether new/suspicious IP's have d/led the players turns, then that provides a modicum of protection.