Moodle user key authentication,is it safe?

i'm just trying to authenticate moodle with user key authentication using [this](https://github.com/catalyst/moodle-auth_userkey) plugin. but i'm not sure is this a safe way to authenticate users because this plugin only check whether the user name exist in the moodle database. and anyone can guess the user name and send post request to the end point and it will give you the authenticated url.is anyone know how to make this more secure? or is this way not safe?