I'm a relative PHP beginner, being self-taught and writing code for 20 hours per week for the last 7 months or so.
I've written a web-app, which is using Aura.Auth to authenticate based on email address and password at present. However, I've realised that some of my potential users are likely not to have an email address, therefore need some other way of securely identifying them. I've come to the conclusion that using a "company ID" (unique customer company-wide login name) + username + password is probably the best method in terms of security and easy to remember for the users.
Does anybody have any pointers on how I would go about configuring the Auth module to accept the company ID + username + password combination, without hacking it to bits, please?