Possible security risk between Swansea University email and Facebook?

The e-mail system at Swansea University sets a default password of the users date of birth and the users student ID. This all seems very secure as a student ID is unique and not known by everyone. However I have noticed that many people post their student email on social networking sites such as Facebook, alongside their date of birth, which is a very large security loophole as it would take a monkey that knows the default password algorithm to figure out the default password in no time.

Advice to students? Change your default password, it is highly recommended.