Index: securesite.inc
===================================================================
--- securesite.inc	(revision 3723)
+++ securesite.inc	(working copy)
@@ -27,6 +27,11 @@
       if (!empty($_POST['openid_identifier'])) {
         openid_begin($_POST['openid_identifier'], $_POST['openid.return_to']);
       }
+      if (variable_get('securesite_mail_login', 0)) {
+        if ($name = db_result(db_query("SELECT name FROM {users} WHERE LOWER(mail) = LOWER('%s')", $_POST['name']))) {
+         $_POST['name'] = $name;
+        }
+      }
       $edit = array('name' => $_POST['name'], 'pass' => $_POST['pass']);
       $function = '_securesite_plain_auth';
       break;
@@ -114,7 +119,12 @@
       default:
         // Authentication failed. Request credentials using most secure authentication method.
         watchdog('user', 'Log-in attempt failed for %user.', array('%user' => $edit['name']));
-        drupal_set_message(t('Unrecognized user name and/or password.'), 'error');
+        if (variable_get('securesite_mail_login', 0)) {
+          drupal_set_message(t('Unrecognized e-mail and/or password.'), 'error');
+        }
+        else {
+          drupal_set_message(t('Unrecognized user name and/or password.'), 'error');
+        }
         _securesite_dialog(array_pop(variable_get('securesite_type', array(SECURESITE_BASIC))));
         break;
     }
@@ -167,7 +177,12 @@
     else {
       // Request credentials using most secure authentication method.
       watchdog('user', 'Log-in attempt failed for %user.', array('%user' => $edit['name']));
-      drupal_set_message(t('Unrecognized user name and/or password.'), 'error');
+      if (variable_get('securesite_mail_login', 0)) {
+        drupal_set_message(t('Unrecognized e-mail and/or password.'), 'error');
+      }
+      else {
+        drupal_set_message(t('Unrecognized user name and/or password.'), 'error');
+      }
       _securesite_dialog(array_pop(variable_get('securesite_type', array(SECURESITE_BASIC))));
     }
   }
Index: securesite.admin.inc
===================================================================
--- securesite.admin.inc	(revision 3723)
+++ securesite.admin.inc	(working copy)
@@ -162,6 +162,12 @@
     ),
     '#required' => TRUE,
   );
+  $form['authentication']['securesite_mail_login'] = array(
+    '#type' => 'checkbox',
+    '#title' => t('Use e-mail to authenticate'),
+    '#default_value' => variable_get('securesite_mail_login', 0),
+    '#description' => t('Need this to use Login toboggan or e-mail registration module'),
+  );
   $form['authentication']['securesite_type']['#description'] = "\n".'<p>'.
     t('HTTP authentication requires extra configuration if PHP is not installed as an Apache module. See the !link section of the Secure Site help for details.', array('!link' => l(t('Known issues'), 'admin/help/securesite', array('fragment' => 'issues')))) .'</p>'."\n".'<p>'.
     t('Digest authentication protects a user&rsquo;s password from eavesdroppers when you are not using SSL to encrypt the connection. However, it can only be used when a copy of the password is stored on the server.') .' '.