Leaderboard

Just because Twitter made a mistake with their logging, doesn't mean that they don't know what they are doing. Twitter has some of the brightest engineers in the world on their team, many of which I'm sure, would disagree with you. Still, how IPBoard operates is outside our control and you should always assume an attacker has your username.

I think you can just convert the fields to hidden, however first_name, last_name, email, username are required. In /plugins/order/views/templates/wizard/signup.pdt for example (your path may vary depending on order form used) search for first_name, and starting there change $this->Form->fieldText to $this->Form->fieldHidden for each field you want to hide.. probably first_name, last_name, company, address1, address2, city, country, state, zip, phone, fax. For the required fields (first_name, last_name), you may want to just prefill some standard info like "Customer" or something. I may have time to play around with and test this, and if I do I'll post code you can use, and update the docs so it may be helpful to others.

I would suggest contacting IPBoard about any concern. Most organizations do not have secret usernames.. they force the use of email addresses, or display usernames publicly. Reddit, Twitter to name a couple allow you to login with your display name. I operate under the assumption that an attacker knows my username, but I can see how you'd want that to be secret. Nothing we can do about it though.

I can't delete module because there is server using it, I can't delete server because there is an package using it, I can't delete delete package because service use it, I can't make package inactive because server is already offline, brilliant!!!!!!!!!!!!!!!!!!!!!!