Given the merge of the change set for T241845, the checkPasswordCannotMatchUsername password policy check has become redundant (see also). I propose removing this check for the sake of efficiency and to avoid confusion.
It doesn't need deprecating, though a migration step (and RELEASE-NOTES) would probably be useful.