[JoeAltmaier]

Folks could/should have as many contact aliases as they desire. They can send them securely to others whom they want contact with. A single username per customer is a lame approximation to what humans really want/need.

Further, it's not necessary to be a unique name - there are plenty of Joe's in the world already. It's not ambiguous if you're contacting the Joe you know.

In any case the username is unnecessary when authenticating. Why not prompt for address, or mother's maiden name too? It's all the same sort of weak 'authentication' that could be eliminated with a proper password/access key.