diff --git a/data/model/legacy.py b/data/model/legacy.py
index a002cef41..2feba5a82 100644
--- a/data/model/legacy.py
+++ b/data/model/legacy.py
@@ -792,6 +792,12 @@ def get_matching_users(username_prefix, robot_namespace=None,
 def verify_user(username_or_email, password):
+ # Make sure we didn't get any unicode for the username.
+ try:
+ str(username_or_email)
+ except ValueError:
+ return None
+
 try:
 fetched = User.get((User.username == username_or_email) |
 (User.email == username_or_email))
diff --git a/test/test_api_usage.py b/test/test_api_usage.py
index 19d1b7e4a..012375aa2 100644
--- a/test/test_api_usage.py
+++ b/test/test_api_usage.py
@@ -470,6 +470,12 @@ class TestCreateNewUser(ApiTestCase):
 self.assertInTeam(json, NEW_USER_DETAILS['username'])
+class TestSignin(ApiTestCase):
+ def test_signin_unicode(self):
+ self.postResponse(Signin, data=dict(username=u'\xe5\x8c\x97\xe4\xba\xac\xe5\xb8\x82',
+ password='password'), expected_code=403)
+
+
 class TestSignout(ApiTestCase):
 def test_signout(self):
 self.login(READ_ACCESS_USER)
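Review bot: The new guard at the top of verify_user depends on a side effect of `str()`: under Python 2 it implicitly ASCII-encodes a unicode object and raises UnicodeEncodeError, which is caught here only because that is a subclass of ValueError. On an interpreter where `str()` does not encode, the check is a no-op. Catching the precise type, `except UnicodeEncodeError:`, would make the intent explicit. The comment is also slightly off, since an ASCII-only unicode value passes the check; something like `# Reject usernames that are not ASCII-encodable; str() raises UnicodeEncodeError for them.` would be accurate. Only `username_or_email` is screened, so a non-ASCII `password` presumably still reaches the comparison further down in the function body, which continues outside this hunk; it is worth confirming that path fails closed in the same way.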
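Review bot: The username literal in test_signin_unicode is written as UTF-8 byte escapes inside a `u''` string, so the test posts nine Latin-1-range code points rather than the three CJK characters it appears to intend. It still exercises the non-ASCII rejection, but `username=u'\u5317\u4eac\u5e02'` would test the input a real client sends. The test also covers only the username field; a sibling case with an ASCII username and a non-ASCII password, asserting the same 403, would show that the sign-in path fails closed for both fields.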