Author page shows user login ID - security concern

If I click on the author name of a post, it takes me to a page that lists all the posts by that author. The URL of that page is :

www.domain.com/author/LOGINID

That login ID could be used for brute force attacks, and generally good practice would be to avoid displaying this. Would it be possible in a future update of the theme to change the URL to be:

www.domain.com/author/FirstnameLastName.

Meaning, use the actual name (alias) that readers see on the site, rather than the wordpress loginID.

Thanks.

Also, if i google my domain name, that author page that contains my loginID comes up in the search results. So there are potentially two ways a hacker could get my loginID.

Hi @metallikat36,

I hope you are well today and thanks for posting here.

The default WordPress themes like Twenty Sixteen theme also uses the same functionality so i don’t think it’s security concern.

Read more information about it here https://wordpress.org/support/topic/wp-431-still-allows-visibility-of-admin-usernames#post-7439848

Best Regards,
Movin