elan-ev / tobira

Video portal for Opencast
https://elan-ev.github.io/tobira/
Apache License 2.0

Consider random/hashed IDs for user pages and the ability to change the user page root path #1132

Open LukasKalbertodt opened 6 months ago

LukasKalbertodt commented 6 months ago

One client of ours voiced interest in this feature as they consider disclosing usernames as a security risk, putting Tobira and other of their systems at risk. I have not yet fully grasped the details here.

The idea would be to (if configured that way) either create a random ID for new user pages (like we do for events) or hash the username. As a separate feature, we could allow users to change their user-page ID, basically like a channel ID on YouTube, on a first-come-first-serve basis. Though I imagine follow-up complications there: preventing impersonation, giving lecturers higher priority in the user-page ID choice, ...

In any case, not a big priority right now.

JulianKniephoff commented 3 months ago

An alternative idea by @LukasKalbertodt: We could let the auth layer provide a realm_name or something like it that overrides the username as the user realm root path. That way, institutions could implement hashing and other obfuscation or even "beautification" steps in their auth server, for example.
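
An added example, not part of the thread or of Tobira's code: one way an institution's auth server could derive the proposed `realm_name` so that it is stable per user but cannot be recomputed from a guessed username. The key, the function names and the 16-character length are assumptions made for illustration; `realm_name` is only the name floated in the comment above.

```python
import base64
import hashlib
import hmac

# Constructed sample key; a real auth server would load its own secret.
SAMPLE_KEY = b"constructed-demo-key-not-for-production"

def normalize(username: str) -> str:
    """Canonicalize so 'JDoe ' and 'jdoe' resolve to the same user page."""
    return username.strip().casefold()

def _encode(digest: bytes, length: int) -> str:
    # Lower-case base32 without padding is safe in a URL path segment.
    return base64.b32encode(digest).decode("ascii").rstrip("=").lower()[:length]

def unkeyed_id(username: str, length: int = 16) -> str:
    """Plain SHA-256 of the username. Weak as obfuscation: anyone holding a
    list of candidate usernames can recompute the ID and confirm a match."""
    data = normalize(username).encode("utf-8")
    return _encode(hashlib.sha256(data).digest(), length)

def keyed_realm_name(username: str, key: bytes, length: int = 16) -> str:
    """HMAC-SHA256 keyed with a server-side secret. Stable per user, but not
    recomputable without the key. 16 base32 characters carry 80 bits."""
    data = normalize(username).encode("utf-8")
    return _encode(hmac.new(key, data, hashlib.sha256).digest(), length)

def assign_realm_names(usernames, key: bytes, length: int = 16) -> dict:
    """Map normalized usernames to realm names, refusing truncation collisions
    so two users can never end up sharing one user page."""
    by_realm = {}
    for name in usernames:
        user = normalize(name)
        realm = keyed_realm_name(user, key, length)
        if by_realm.setdefault(realm, user) != user:
            raise ValueError("realm name collision; increase length")
    return {user: realm for realm, user in by_realm.items()}

if __name__ == "__main__":
    # Constructed sample usernames.
    for user, realm in assign_realm_names(["alice", "Bob ", "bob"], SAMPLE_KEY).items():
        print(user, "->", realm)
```

Rotating the key changes every realm name, so existing user-page links would break unless the old mapping is kept.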