I attempted to log in with my username and password
from the
real site and got the message "There is no user by the name
\"PierreAbbat\".". A username/password check should not reveal
whether it is the username or the password that is wrong.
I'm not sure that really applies here, where anyone can get a
complete user list anytime anyway (of course it doesn't have
any real information like email addresses or anything).
Is there any real security reason to hide our user list?0