Not to forget that it looks more serious and professional by logging in with eMail.
No, it doesn't, especially since not everyone actually wants a serious and professional environment.
I think this is a must have for Wedge.
No, it isn't. If it IS implemented, I certainly won't be doing it.
Usernames can easily grabbed and hacked due bruteforce from posts.
And you think this is a common occurrence? Trust me, it isn't. I run multiple honeypots right now, and while each has been hit with brute force attacks, the vast majority of them are for users that don't even exist.
Mailadress is hidden by default.
It's better than that, it's not merely "by default". You physically have to give out moderation level permissions for it in order to view them.
So for me this is one of the most important security standards we can give to our users.
Hardly. I have a very long list of things that ranks higher than this, sorry to say.
Seriously, please take a note of the comments I have already made, specifically the ones where I indicated that the bots are already trying to brute force email addresses, and that not permitting very common, very weak passwords is actually a better method of protecting users than this.
Consider it this way: in any fence of security, the weakest link is where efforts will be concentrated. Usernames are not that weakest link.
Consider this also: you know Facebook, that little site with 750m+ users? That allows login with username. I know, because I happen to use that every damn day. Consider additionally that it's not just a random username then, it's also an *identity* of sorts, with all sorts of personal information far more important than would be found on most forums.