
> SSH PermitRootLogin

I assume you mean to disable it? I see that listed in various places, but I don't understand why it matters… I like to kill all passwords on my VMs (so there's nothing to brute force), uninstall sudo and only use ssh keys to authenticate. I would like to know why this is a bad idea.



This is more of an issue on machines with multiple people who can access them. If you disallow logging in as root and use sudo to escalate privileges when needed then there's an audit trail of who did what (or at least a record of someone starting a shell with root privileges at around the time of something bad happening).


A slight correction in that if you examine the logs on any SSH server connected to the net you'll see an absolute flood of Chinese (and other) compromised Windows boxes trying to brute force (sorta) passwords for the root account using ssh.

So if you disable root logins, they have no idea what to use as a username. Oh sure someone who personally knows which machine you maintain might be able to guess jonwood is your username or my username is vlm... but they'll never be able to log in as root and botnets aren't smart enough to try anything else. Aside from root, I wouldn't make your "primary user name" = "hostname" either.

Thinking back at my occasional examination of logs, I don't know if I've ever been scanned by botnets trying anything other than root as a username. I'm sure it happens, but I can't afford to spend 5 minutes per syslog line in my life either...


I did see remote bots attempting to guess ssh usernames besides root. For instance bob, john, guest, ...
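The log check discussed in the comments above, as an added example that is not part of the thread: it tallies which usernames failed SSH password attempts were aimed at, so the share targeting root can be measured rather than eyeballed. The log lines are constructed samples in OpenSSH's auth log format, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample lines in the format OpenSSH's sshd writes to the auth log.
# Addresses come from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
Mar  3 04:11:02 vm1 sshd[2211]: Failed password for root from 203.0.113.7 port 51122 ssh2
Mar  3 04:11:05 vm1 sshd[2211]: Failed password for root from 203.0.113.7 port 51122 ssh2
Mar  3 04:11:09 vm1 sshd[2214]: Invalid user bob from 198.51.100.23 port 40110
Mar  3 04:11:11 vm1 sshd[2214]: Failed password for invalid user bob from 198.51.100.23 port 40110 ssh2
Mar  3 04:12:40 vm1 sshd[2230]: Failed password for invalid user guest from 198.51.100.23 port 40112 ssh2
Mar  3 04:13:02 vm1 sshd[2251]: Failed password for invalid user john from 192.0.2.99 port 33910 ssh2
Mar  3 04:15:30 vm1 sshd[2290]: Accepted publickey for alice from 192.0.2.10 port 50022 ssh2: ED25519 SHA256:CONSTRUCTED
Mar  3 04:16:00 vm1 sshd[2301]: Failed password for root from 192.0.2.99 port 33950 ssh2
"""

# The username is chosen by the remote client, so it may itself contain
# " from <ip> port <n>". The greedy user group plus the end anchor makes the
# last " from ... port ... ssh2" on the line the one treated as the source.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed \S+ for (?:invalid user )?"
    r"(?P<user>.+) from (?P<ip>\S+) port \d+ ssh2\s*$"
)

def tally_failed_logins(log_text):
    """Return (attempts per username, source addresses per username)."""
    by_user = Counter()
    sources = {}
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:  # "Invalid user" and "Accepted" lines are skipped, avoiding double counts
            by_user[m["user"]] += 1
            sources.setdefault(m["user"], set()).add(m["ip"])
    return by_user, sources

def root_share(by_user):
    """Fraction of failed attempts that targeted the root account."""
    total = sum(by_user.values())
    return by_user["root"] / total if total else 0.0

if __name__ == "__main__":
    by_user, sources = tally_failed_logins(SAMPLE_LOG)
    for user, n in by_user.most_common():
        print(f"{user:10} {n:3} attempts from {len(sources[user])} address(es)")
    print(f"share aimed at root: {root_share(by_user):.0%}")
```
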



