Yes, for best practice make sure in front-end the field will never accept blank
2nd in your controller you can also check if username parameter has value
then 3rd its also good that this field in table should not accept blank or null.
So in case it able to penetrate to front-end and controller it will never make save a record with username null.
There are those who tell lies with meaning behind them and those meaning less lies!