Not exactly. Using a strong password on a single device doesn't protect all of the traffic going through the device. Switches/routers are just "dumb" devices that send traffic to and from a source and destination. If those devices are configured with transport controls such as port forwarding, you could have problems beyond the strong password.
True, but not relevant. In order for internal hackers to attack you, they have to get a non-routable subnet IP by connecting to the router. Then they can use an ARP shout to build their internal routing table, and try to connect to other devices without going through the gateway.