I am aware of this feature request: #849602: Update 'username' theme template to use 'view label' operation. and also that the Drupal security team does not consider disclosure of usernames and user ids a weakness.

I understand that having a public username helps other users of a site to know the identity of the person they are interacting with in a forum or a blog. But I do not understand why the public username must be the same username as the name used as part of the login credentials.

By making the public username the same as the login username, someone who wants to mount a brute force attack to uncover the password for a specific account on a Drupal site only needs to register an account, harvest the public usernames, and then write a script to brute force that specific account.

(As noted on this post on Webmasters.StackExchange, I am currently experiencing such a brute force attack.)

My feature request is to have the option to set up a screen name in addition to a login name. Whenever that user name is publicly exposed (e.g. user profile, author byline, etc.) the screen name is shown instead of the user name used as a login credential. The user name used as a login credential need only be accessible to that particular user.

So for instance, I could assign user #1 the username "MrEd", but with the alias "Admin". An attacker would have no way of knowing the real username, but would instead attack a non-existing account named "Admin".

I understand that this doesn't need to be in core. It is indeed trivial to use a module to hide the username (e.g. Real name). But since I believe that hiding the name that is used to log in is important to make brute force attacks on accounts hard, I suggest that this be implemented in the Drupal 8 core.

Comments

Version: 8.0.x-dev » 8.1.x-dev

Drupal 8.0.6 was released on April 6 and is the final bugfix release for the Drupal 8.0.x series. Drupal 8.0.x will not receive any further development aside from security fixes. Drupal 8.1.0-rc1 is now available and sites should prepare to update to 8.1.0.

Bug reports should be targeted against the 8.1.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.2.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.1.x-dev » 8.2.x-dev

Drupal 8.1.9 was released on September 7 and is the final bugfix release for the Drupal 8.1.x series. Drupal 8.1.x will not receive any further development aside from security fixes. Drupal 8.2.0-rc1 is now available and sites should prepare to upgrade to 8.2.0.

Bug reports should be targeted against the 8.2.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.3.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

dpi

Status: Active » Closed (duplicate)
Related issues: +#849602: Update 'username' theme template to use 'view label' operation.

#849602: Update 'username' theme template to use 'view label' operation. provides for the ability to hide a username.

If you intend to rewrite the username based on a different user field then you can override the username template.

dupe/wontfix
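As an added illustration of the approach dpi describes (rendering a different user field as the visible name while the login name stays private), here is a small Drupal 8 custom module file. This is example code written for this page, not code from the issue thread, from Drupal core or from the Real name module; it assumes a module named `screen_name` (file `screen_name.module`) and a plain text field `field_screen_name` added to the user entity through the Field UI.

```php
<?php
// Assumed custom module name: screen_name. Assumed user field: field_screen_name
// (a plain text field added to the user entity through the Field UI).

use Drupal\Core\Form\FormStateInterface;
use Drupal\Core\Session\AccountInterface;
use Drupal\user\Entity\User;

/**
 * Implements hook_user_format_name_alter().
 *
 * User::getDisplayName() runs the account name through this alter hook, so
 * bylines, the username template and anything else calling getDisplayName()
 * show the screen name. getAccountName(), which the login form checks the
 * submitted credentials against, is left untouched.
 */
function screen_name_user_format_name_alter(&$name, AccountInterface $account) {
  // Anonymous visitors have no profile fields; keep the configured anonymous label.
  if ($account->isAnonymous()) {
    return;
  }
  // $account may be an AccountProxy rather than the entity; load the entity to read fields.
  $user = $account instanceof User ? $account : User::load($account->id());
  if ($user && $user->hasField('field_screen_name') && !$user->get('field_screen_name')->isEmpty()) {
    $name = $user->get('field_screen_name')->value;
  }
}

/**
 * Implements hook_form_FORM_ID_alter() for the user edit form (user_form).
 *
 * A screen name equal to the login name would defeat the purpose, so reject it.
 */
function screen_name_form_user_form_alter(array &$form, FormStateInterface $form_state) {
  $form['#validate'][] = 'screen_name_user_form_validate';
}

/**
 * Validation callback: the screen name must differ from the login name.
 */
function screen_name_user_form_validate(array &$form, FormStateInterface $form_state) {
  $screen = $form_state->getValue(['field_screen_name', 0, 'value']);
  $login = $form_state->getValue('name');
  if ($screen !== NULL && $screen !== '' && strcasecmp((string) $screen, (string) $login) === 0) {
    $form_state->setErrorByName('field_screen_name', t('The screen name must differ from the login name.'));
  }
}
```

Code paths that read the raw `name` field directly, such as REST or JSON exports of the user entity, do not go through getDisplayName() and will still expose the login name, so check those separately.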