advise users against using their emails as their username

customize.dist/credential.js

@@ -8,6 +8,12 @@ define([
     Cred.MINIMUM_PASSWORD_LENGTH = typeof(AppConfig.minimumPasswordLength) === 'number'?
         AppConfig.minimumPasswordLength: 8;
 
+    // https://stackoverflow.com/questions/46155/how-to-validate-an-email-address-in-javascript
+    Cred.isEmail = function (email) {
+        var re = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
+        return re.test(String(email).toLowerCase());
+    };
+
     Cred.isLongEnoughPassword = function (passwd) {
         return passwd.length >= Cred.MINIMUM_PASSWORD_LENGTH;
     };