diff --git a/crates/app/src/routes/api/v1/auth/mod.rs b/crates/app/src/routes/api/v1/auth/mod.rs
index 2ab74e9..0d9fe50 100644
--- a/crates/app/src/routes/api/v1/auth/mod.rs
+++ b/crates/app/src/routes/api/v1/auth/mod.rs
@@ -78,7 +78,7 @@ pub async fn register_request(
     }
 
     // ...
-    let mut user = User::new(props.username, props.password);
+    let mut user = User::new(props.username.to_lowercase(), props.password);
     user.settings.policy_consent = true;
 
     let (initial_token, t) = User::create_token(&real_ip);
@@ -133,7 +133,10 @@ pub async fn login_request(
     }
 
     // verify password
-    let user = match data.get_user_by_username_no_cache(&props.username).await {
+    let user = match data
+        .get_user_by_username_no_cache(&props.username.to_lowercase())
+        .await
+    {
         Ok(ua) => ua,
         Err(_) => return (None, Json(Error::IncorrectPassword.into())),
     };
diff --git a/crates/core/src/database/posts.rs b/crates/core/src/database/posts.rs
index ad82159..319c795 100644
--- a/crates/core/src/database/posts.rs
+++ b/crates/core/src/database/posts.rs
@@ -1011,6 +1011,7 @@ impl DataManager {
                 // reposting but NOT quoting... we shouldn't be able to repost a direct repost
                 data.context.reposts_enabled = false;
                 data.context.reactions_enabled = false;
+                data.context.comments_enabled = false;
             }
 
             // mirror nsfw status