diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..d3a3d86
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1,2 @@
+# Default code owners
+* @martin-alexander-msc
diff --git a/Sources/GitwCore/GitwApp.swift b/Sources/GitwCore/GitwApp.swift
index f100588..f75d142 100644
--- a/Sources/GitwCore/GitwApp.swift
+++ b/Sources/GitwCore/GitwApp.swift
@@ -78,7 +78,9 @@ public struct GitwApp {
                 throw GitwError.usage("login requires --email <email>")
             }
 
-            let username = try ttyReadLine("GitHub username: ")
+            // `--name` is the GitHub username (and also the commit author name we pass via env).
+            // Do not prompt for username again.
+            let username = name
             let token = try ttyReadSecret("GitHub personal access token: ")
 
             let profile = GitwProfile(githubUsername: username, token: token, gitName: name, gitEmail: email)
diff --git a/Sources/GitwCore/Keychain.swift b/Sources/GitwCore/Keychain.swift
index e700998..e1b2851 100644
--- a/Sources/GitwCore/Keychain.swift
+++ b/Sources/GitwCore/Keychain.swift
@@ -30,8 +30,9 @@ public struct GitwProfile: Sendable, Codable, Equatable {
 }
 
 public enum KeychainStore {
-    // We deliberately keep this fixed; gitw only supports GitHub HTTPS.
-    public static let server = "github.com"
+    // Keychain namespace. We still authenticate against github.com, but we store credentials
+    // under a dedicated Keychain server name to avoid collisions with other GitHub tooling.
+    public static let server = "gitw.github.com"
     private static let service = "gitw"
 
     /// Load credentials for a given alias.
diff --git a/Tests/GitwCoreTests/GitwAppTests.swift b/Tests/GitwCoreTests/GitwAppTests.swift
index 19bf7d5..4d29671 100644
--- a/Tests/GitwCoreTests/GitwAppTests.swift
+++ b/Tests/GitwCoreTests/GitwAppTests.swift
@@ -59,9 +59,9 @@ struct GitwAppTests {
 
         let status = try app.run(
             .login(alias: "work", repoURL: "https://github.com/OWNER/REPO.git"),
-            ttyReadLine: { _ in "real-user" },
+            ttyReadLine: { _ in throw GitwError.io("unexpected ttyReadLine") },
             ttyReadSecret: { _ in "tok" },
-            name: "Real Name",
+            name: "real-user",
             email: "real@example.com"
         )
 
@@ -69,11 +69,12 @@ struct GitwAppTests {
         #expect(git.calls.count == 1)
         #expect(git.calls[0].args == ["ls-remote", "https://github.com/OWNER/REPO.git"])
         #expect(git.calls[0].githubUsername == "real-user")
-        #expect(git.calls[0].name == "Real Name")
+        #expect(git.calls[0].name == "real-user")
         #expect(git.calls[0].email == "real@example.com")
         #expect(kc.saved.count == 1)
         #expect(kc.saved[0].alias == "work")
         #expect(kc.saved[0].profile.githubUsername == "real-user")
+        #expect(kc.saved[0].profile.gitName == "real-user")
     }
 
     @Test
@@ -87,9 +88,9 @@ struct GitwAppTests {
         do {
             _ = try app.run(
                 .login(alias: "work", repoURL: "https://github.com/OWNER/REPO.git"),
-                ttyReadLine: { _ in "real-user" },
+                ttyReadLine: { _ in throw GitwError.io("unexpected ttyReadLine") },
                 ttyReadSecret: { _ in "tok" },
-                name: "Real Name",
+                name: "real-user",
                 email: "real@example.com"
             )
             Issue.record("Expected login to fail")