This does not allow for non password user authentication. The security, or rather bug in question allows for brute force user name disclosure and therefor a new bug report should be made and this ticket closed as this description states falsely that "causes the system to skip asking for a password if the username is invalid".
** Changed in: vsftpd (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to vsftpd in ubuntu. https://bugs.launchpad.net/bugs/672328 Title: vsftpd: discloses whether usernames are valid or not -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs