On 09/19/2012 11:13 AM, Jan M. Dziewulski wrote:
Logging in should use case-sensitive passwords but not usernames (in my opinion).
Just a comment from the peanut gallery --the problem I see is that email addresses are not always usernames. For some places, they aren't even close.
*Many, many* authentication systems treat usernames as case sensitive, including kerberos and most implementations of LDAP I've seen. From what I've seen, many applications (before talking to anything on the backend) standardize the capitalization of a username (Shibboleth implementations, Drupal, etc).
Perhaps some possible settings could be added to handle the two cases of Roundcube authentication -- usernames vs. email addresses. One could do stuff to standardize capitalization (email address case), vs. another that would simply preserve and pass through (username case).
Cheers all,
Martin B. Smith, Systems Administrator smithmb@ufl.edu - (352) 273-1329 UF Information Technology, CNS/Open Systems Group University of Florida