Yeah. Most people tend to nowadays.
Also, to put your mind even more at ease, unless someone has a particular (personal perhaps?) reason to try and attack your particular wifi network, chances are they will see it's encrypted with WPA and won't be bothered to try and crack it, instead preferring to move onto one that's easier (WEP or even totally unencrypted!)
I do like the slant that the Speedtouch routers take on it - you can choose a setting "New stations are allowed (via registration)". This means you have to specifically put the router into registration mode, otherwise it will not accept any new wifi connections, even if the security key is correct, or even if there is no encryption at all!
I haven't tried that with MAC address spoofing though, to see if that's how it identifies which are new and which aren't. I suspect it does. However it does make the usually laborious task of entering MAC addresses into the router that much easier!