We've just discovered that I can log in to wikitech with any case variant of my username:
Each time I log in with a novel case variant, the login succeeds but I get a NEW account in the wikitech db with the new case variation. This means that different case combinations can have different 2fa creds, edit histories, etc.
There are currently 35 wikitech users with multiple case-differing accounts in the labswiki db. We need to fix the ldap extension and then clean up/merge all of those accounts.