If you from xterm, you'll notice that the password is set to just '!', compared to a long hash for root's password. So nobody will be able to log in as user through SSH.

You can change the user password by first gaining root access (I just leave my device in R&D mode so I can just sudo gainroot anytime; but once you've changed your root password, you can always just SSH in -- even locally -- as root), and then issuing .