Just a suggestion from old paranoid me: The logon process on this forum evaluates the username and password parts of the credentials separately, from what I see. Giving clues to valid usernames opens up a couple of nasty and probably unwanted attack vectors (including searching for suspected members by their known mail addresses). I do understand that it simplifies the interaction with less computer literate users, though.
If the current process is there by design, or if I've misunderstood it, I'll just shut my mouth, but at least I want to have warned against it. :)