Eric, when the MPW is not supplied, IMO, the username should not be populated, otherwise the unauthorized user has already won part of the battle.
This request is similar to the one about hiding the account tree when the MPW is not supplied, even though this request should be easier to implement than the other one.
I don't know enough about encryption, but may be you could write the UserName out to disk encrypted and when the correct MPW is supplied, it devryots to the original username.
In other words, MPW + username - > xyzdef. Oh heck, I don't know how to explain this, but I am sure you understand what I am talking about here.
What do you all think ?
