A mischievous person could write a program that repeatedly connects to your server trying a new username and password combination each time. They can increase their odds of gaining entry by using a list of common usernames and passwords. Configuring your cloud server to not accept account passwords and to only accept SSH keys eliminates this threat.
