SSH is by default very strong, and since a long time without critical bugs. It has strong protection against various hacks and known vulnerabilities. For instance SSH has a password retry wait time of (default) five seconds. This makes the time for brute force attacking an SSH-server very long and not effective. However, sometimes script-kiddies will fork their hacking program making multiple processes of the brute force attack. Sometimes they are able to fork it off upwards of 1000 attempts every 5 seconds. This drastically minimizes the time to crack short passwords.
I think SSH is secure enough, but there is always a way to make it more secure.
Install knock daemon:
1 | aptitude install knockd |