secret username against hackers + public screenname ?!
ClearXSClearXS - January 19, 2009 - 17:30
I've looked through all log-in and security modules, but this one doesn't seem to be there.
This could be a very simple security barrier against hackers; if they don't know my user-name AND if one only can log-in or retrieve password on user-name (not on email) AND if the user-names are hidden/encrypted within Drupal...
Another point is that there are so many security and login mod's; could there be a (or two) drupal project(s) integrating them ?
Lots of discussion on this
Improvements to Core Group - Add Display Name field(s) to core in addition to Username:
http://groups.drupal.org/node/11092
Issue - Add a Display Name field to core in addition to Username:
http://drupal.org/node/102679
I was also amazed
I was also thinking why I could see the actual login names in Drupal via nodes or comment' authors.
I have seen Authorship (D5) (seen here, where they also mention this issue) and Alternate Login (D5/D6) modules, which do something about this, but not exactly what I want. The first one changes the displayed name for something else (keeping the actual login name somehow hidden), and the latter just adds a new name to login, but the actual "Drupal login" can be used.
Also, I don't like login as "John Doe", but as "johndoe" or the like. But that's another story. That's usability more than security.