id	summary	reporter	owner	description	type	status	priority	milestone	component	version	severity	resolution	keywords	cc
5388	Author Permalink (myblog.com/author/username/) does not help security	enposte	pishmishy	"When pretty permalinks are enabled any hacker can easily find out the usernames used on the blog.

All they have to do is type: 

'''myblog.com/?author=(some_random_id)''' 

and if there is an author with that id, the URL will redirect to:

'''myblog.com/author/matching_username/'''

I think it would be more secure if the URL redirected to:

'''myblog.com/author/author_id/'''



"	enhancement	closed	low		Security	2.3.1	minor	wontfix