". My workplace does passwordless vnc too..
If there was a password, it woukd be post-it to the terminal where the session is displayed anyway."
Well, unless the "hacker" in eastern Europe has a bloody amazing pair of binoculars, don't think that would be an issue, certainly better than no password.
"password popups would be somewhat of a disruption to normal use."
What password pop ups? The one you use to connect with, but if you have to connect then it's no big deal, surely?
"Oh well, at least it's all behind NAT"
Would that be the one that VNC is punching a bloody great hole in? I'm just guessing as your security seems so piss poor, I guess your firewall rules are just Any/Any...just to make it a bit easier.