Hi,
Limiting number of connection by each user is set to 30 in your configuration, this is done with user_max_connections:
<restrict level1=\"60s\" level2=\"15m\" level3=\"1h\" level4=\"1d\" timeout=\"1h\" log=\"/var/log/dbgovernor-restrict.log\" user_max_connections=\"30\"/>
Yes, you should enter root password for proper governor functionality.
And, yes, limit read/write is what helps controlling IO. Overall default settings are best to start using on shared hosting server. However it could be different as depends from every single moment, server power etc.etc. It is always a balance game, how to provide enough resources for your customer and keep server stable.