#4 case-insensitive hashing insecure?

[Eric Swanson]

Code review shows that the entered password is manipulated in a way that loses its case information for the purposes of hashing the actual pw data. Need to do a bit of research to confirm whether (and to what degree) this is cryptologically significant. This will break existing PW databases, so it should be worked into a major release.