META: Misleading error message on using wrong username
I attempted to log in from a computer I don’t usually use, and entered my username as “Rolf Andreassen”, two words; in fact it’s “RolfAndreassen”, one word. The error message I got back was “Incorrect password”, which is misleading. Not until I tried to recover my password did I realise my mistake. Clearly this is an unusual edge case, but I suggest updating the code to give back “No such user” when someone makes this mistake.
There are (mild) security reasons to not let attackers know if the username is valid or not. It’s pretty useless here as /user// will reveal this. In other contexts, the message typically acknowledge the possibility with “incorrect password or username”.
If you look at the bottom of the page you will see a Report Issues link.
The link leads to a page which previously linked to the bug tracker, but on 19th October 2010 someone edited it, so the link was lost. I restored the content of that page, it points to bug tracker again now.