[sparky]

Might improve user experience a bit, but your password hashing scheme needs to take much longer if an attacker knows he can rule out lower-case letters.

For example, 8-character alphanumeric passwords:

((26*2)+10)^8 / (26+10)^8 = 77.4

You have 77 times fewer passwords of length 8 (probably worse than that, most people skew more towards letters than numbers), so it should take 77 times longer to test one.

[Retric]

Caps lock does not remove lowercase letters, it swaps upper and lower case. <Caps Lock> + <Shift> <a> = a.

PS: Try it: ASdf becomes asDF.

[epochwolf]

I think caps lock works differently on macs. I remember it making everything uppercase, regardless of whether the shift key was pressed.

My Mac is running Windows at the moment and I can't reboot into OSX to test for several hours, so someoneelse will have to confirm or deny this.

[epochwolf]

Confirmed, capslock on OSX makes all letters uppercase. Shift is ignored.