I've seen a small amount of suspicious activity (possibly 3 failed logins that weren't mine); I'm wondering how relevant various attributes of the username are. I'm starting to move to unique usernames for various services: not anything vastly secure, but something that's at least harder to automatically cross-reference. Does anyone know if using much longer usernames is a worthwhile investment?