Does exactly what I needed

No muss, no fuss. Allows administrators to change usernames to something less vulnerable to hacking. Also substitutes a hash string for the “nice name” which otherwise discloses the username to any ol’ bot who asks, by displaying it in the URL when listing an author’s contributions.

My proof that it works? Bots have tried brute force attacks by logging the newly-minted hash’ed nice name. They’ve also come perilously close to guessing the first admin name that was set up by WP, which has been changed.

This plugin took away at least two possible routes to a bot or a human getting lucky with us.