Password security, or Ease of Use?

Should a login system be case insensitive?
Short answer: Yes. But numbers/symbols should be required.
Long answer: One of the most common mistakes made when logging in is to have the caps lock key pressed. In studies, significant proportions of support calls are simple case-sensitivity issues with usernames or passwords.
Some login systems address this issue by detecting when the username and password are all uppercase, and displaying a message "you entered your username and password in all capitals."
While the programmers of such systems are trying to be friendly and helpful, this has a tendency to instead to intensely annoy users: ask why, if someone went to all the trouble to write a system that would notice that they made that mistake and display the message, it could not simply deal with the problem itself, and log them in. Why does the system go out of its way to make them feel stupid, rather than simply using a little intelligence itself?
In my experience, annoyed, shamed users also tend to become more scared of the system, and more prone to making mistakes, but I don't think anyone's ever enumerated the effects this could have on the support overheads.
Making logins case-insensitive means that if the username DewiMorgan accidentally logs in as dEWImORGAN (which would not be detected by the above all-caps warning system, even though it's clearly a caps-lock problem), DEWIMORGAN, or dewimorgan, it doesn't mind, and will happily log the user in without any annoying errors.
Now, this feels like a drastic reduction in security: it's removing 26 possible characters of randomness, for EVERY LETTER of the password. That'll be 26 x 26 x ... LOTS of possibilities removed!
However, it turns out that case-sensitivity is not in fact a significant factor in security: it is equivalent to rather only a single bit of "randomness" information per alphabetic character of the password (and zero information loss on numeric or symbol characters, of course). For a given seven character alphanumeric password, with no symbols, it reduces the number of possible combinations from:
(26 + 26 + 10)^7 =~ 3,521,000,000,000 combinations,
to:
(26 + 10)^7 =~ 78,000,000,000 combinations.
If this is felt to be a significant security risk, you could add one character to the password length, bringing the total up to three quintillion combinations again.
Another option is to use punctuation characters (!"£$%^&*_+~-=#(){}[]:@;'?,./`|\), but that's barely more effective than adding one more character. If you use every possible symbol on the UK keyboard and give them all the same probability of occurring in the password as the alphanumerics, then you only end up with an increase to seven quintillion combinations, at the expense of making the password hugely harder to memorise because you end up with passwords like "%z*h42+", and most people can't remember punctuation as well as they can remember alphanumerics. So they'll write it down, and your security is promptly useless.
So, am I arguing that passwords should be purely alphanumeric? No. There are two reasons for this.
Firstly, users should be permitted to use a high security password if they they like: that the login system treats it case insensitively can be transparent to them.
Secondly, users will, if permitted, use dictionary words for passwords. Requiring that at least one of the letters is not normally found in the dictionary will restrict this tendency, though they'll normally either replace letters with 100ka1ike (hara(ter$, or will stick the character they're forced to use on the end of the word. Certainly, they will tend not give numerics and symbols as high a significance in their symbol set, and crackers will know this, trying for combinations with only one or two symbols to begin with.
However, I definitely AM arguing for LONG passwords. Each alphanumeric letter adds a little over 5 bits of information to the password. A sequence of erratically spelled dictionary words would be far greater protection and easier to remember than any complex but shorter sequence, and would also be faster to type.
"ter qik broun foux jumpies ouver da layz dorg"
To brute-force this using just the letters of the alphabet plus space would take:
27^46 possible combinations: something like
69,619,860,913,088,559,769,513,602,159,355,000,000,000,000,000,000,000,000,000,000,000
7 x 10^64
"£$IUOPI^G4dsggh"
(24uppercase + 24lowercase + 10 numbers + 33punctuation)^15
71^15
5,873,205,959,385,493,353,867,330,551
6 x 10^27
Both are about equally unpleasant to memorise, but the former is massively, massively harder to crack. Susceptible to brute-forcing of variations on known phrases, sure. But throw in a few punctuation characters or numbers, use a random but memorable english phrase, and what you have is infeasible to crack, but sufficiently memorable that it is less likely to be written down:
"Oscelots! Nesst in 43 treez"
- Farrier.