1 comment

[ 0.27 ms ] story [ 15.1 ms ] thread
Meh...the patch is a nice improvement and I can see why a CVE is allocated but I never considered my username a secret anyway. If you only allow strong auth mechanisms like public keys I don't really see how knowing someone's user name is going to make your life much easier as penetrator. Its like knowing someone's Google account name, its the same as his/hers gmail....