From a user experience point of view, using emails as login is usually more convenient than using "usernames" (usernames). First of all because it’s one more thing for the user to remember ("which username I used this site?" ), second because emails are unique, while the username may already have been used forcing you to choose another, etc. If your system works well without user names, I suggest not to introduce them "just for doing".
If on the other hand you have reasons to want this (e.g., it is not good to expose a user’s email to others without their consent, and sometimes it is necessary that one of them identifies only the other in some way), there are two main ways to do this as I see fit:
- Take a combination of the first name and initials of the surname (or vice versa, depending on what is most common in the culture of these users), perhaps adding a numeric suffix if two receive the same username; or:
- Take the first part of your email (before @) and do the same if two have it the same. This exposes a little more user privacy (it makes it easier to "guess" your email based on your username), but I think it depends on the point of view... (others may prefer not to have their real name revealed, varies from case to case)
Using random string would have little benefit, as you well questioned, maybe except if the user is given the opportunity to change his username if he so wishes (anyway, it’s still a nuisance...). And one last detail: if your table contains a field senha, I hope you are storing in the correct way. ;)