Not the password in question
Many of the preceding mentions of router security are talking about defaults for and securing of Wi-Fi network passwords (WEP, WPS). These are not the passwords we are talking about when compromising an IoT device: we are talking about the admin interface password, and/or the default password for an SSH or Telnet connection. After all, the DDOSers are not within range of your wireless network!