What are the benefits of logging the username of a failed authentication attempt?
From time to time, some users can accidently type their password in the username field, either because they missed the tab key or because they thought their account was simply locked, not logged out (on Windows for example).
According to some questions on this site, if passwords of failed authentication attempts should not be logged, usernames often are.
That question even states that:
It seems reasonable that someone (even a security-conscious admin) would consider logging attempted usernames both useful and safe.
How is it useful or safe?
Are their other benefits to logging the username of a failed authentication attempt?
Clarification: I'm mostly interested in the logging of unknown usernames, but answers to the more general question are welcome.
