Capitalization in email addresses may defeat password reset

[jfass]

We have had a couple customers who tried to reset their passwords, and got messages that they weren't in the database (though we'd added them recently) ... when Matt logged out, then entered one of their email addresses with no capitalization, we got the success message ("password reset sent to ...").

[amschaal]

Fixed case sensitivity for password reset, but case sensitivity remains for log in.....