I wouldn't have thought that "ilovebakedbeans" is harder to crack than "Cj4$Vf7^" (incidentally, I don't use either - I just made them up on the spot). A lot depends on what the theoretical hacker's brute force algorithm is. If it starts off with a dictionary based attack, your declaration of fondness for a food will probably be found quicker than the shorter, completely random string.
Of course, many blogging sites are doing away with password databases entirely, instead relying either on authentication via third party sites (Facebook, Twitter, Google, OAuth) or even, for the ultimate in low security, Gravatar (only a nickname and email address required to post comments - no password except to customise your Gravatar profile).
However, for those sites which do still rely on a password database, there's really no excuse for storing it in plaintext in a location that can be read by anyone other than root / administrator. *NIX systems currently salt and hash passwords, then store the file in a location only root can read. According to Wikipedia, even that's not impregnable, but it's presumably a darn sight harder to access the file and the passwords contained within it than on the Sony Pictures and Grawker fora.
There's another potential issue, tangenitally related to passwords. Never mind hackers, many sites implement tracking cookies / web bugs that can follow you around and determine the sites you visit. Perhaps worryingly, courtesy of Ghostery I've discovered that many implement several different tracking cookies simultaneously, with some using nearly a dozen different trackers. That information is probably far more useful to companies / advertisers than your login credentials...
...unless you're smart enough to be running an ad blocker, script blocker, tracking cookie blocker and LSO blocker simultaneously.