Passwords being case insensitive implies that they are storing passwords as clear text.
What? No it doesn't. They could just lower case all the password submissions and store the hashed version of that. When someone tries to log in, lower case what they enter, hash it, and compare to hash (or whatever the specifics are)
