Open Web Application Security Project (OWASP) – Testing for Account Enumeration and Guessable User Account
The scope of this test is to verify if it is possible to collect a set of valid usernames by interacting with the authentication mechanism of the application.