Hi @Lucas Nebot , welcome to Microsoft Q&A forum.
Enabling the Allow Azure Services will enable any Azure Service to connect to Azure SQL Server resource. Now you are right in mentioning that we still use the user credentials to connect to the database and providing incorrect credentials will have access denied to the database. However, if by any way any wrong party gets the credentials through unlawful methods, there is no way to stop them to access the Azure SQL Database. Even the resource is not blocked by any firewall rules, so its kind of security risk. Hence, it is advised to enable extra layer of security to make our resources more secure and data intact. As an example, even MFA offers multiple factors to gain access to resource. Or the applications that send the OTP on the mobile phones on top of login credentials.