
If you want password auth, you already have to change a default setting in SSHD and restart it. How exactly is removing that as an option ‘less complex’ for the downstream distros?



I don't really understand your question. Removing password auth reduces code complexity and therefore attack surface whilst also preventing users from using the software with a dangerous configuration. Maybe the users don't want that, but tough shit, maybe it's the nudge they need to use SSH keys.


In practice, this will just result in people and organisations using the last version of OpenSSH that supports password authentication.


Last time I checked, "apt install openssh-server" on Debian still launched sshd with password login enabled.



