UnicodeDecodeError: 'utf-8' codec can't decode byte 0xb6 in position 0: invalid start byte

[Chris Angelico]

On Tue, Oct 1, 2013 at 8:30 AM, Νίκος <nikos.gr33k at gmail.com> wrote:
> Στις 1/10/2013 1:28 πμ, ο/η Mark Lawrence έγραψε:
>>
>> On 30/09/2013 23:19, Νίκος wrote:
>>>
>>>
>>> 2 dickheads names Joe & Mark work together to achieve total bullshit!
>>> Well done Beavis & Butthead!
>>> rofl...
>>>
>>
>> Well aside from the fact that you've maintained your record by being
>> inaccurate with 50% of the names that you've quoted, it appears that
>> we've something that has very much in common with your website.  Which
>> reminds me, is it still possible to access your users' names and
>> passwords in plain text or is that something that you've actually
>> bothered to fix?
>
>
> Nope, it isn't. I have fixed it.

And this doesn't bother you???!?

Nikos, industry best practice is to make sure people can't steal all
your users' passwords *even if they get access to your hard drive*.
Passwords should be stored like this:

"92e25cf5beefd4982cedd2f28b430e0e9d23e0966ee3f20c74f825ebeeee9842"

That's the password "qwer", on an account named "asdf", on a mythical
system. Even knowing that, you can't work out what another password
means. Storing people's passwords in plain text is a HORRIBLE HORRIBLE
idea - and having them accessible to the world is a sign of a complete
and utter lack of any semblance of security.

I understand that bugs happen. But bugs of this criticality should be
your very highest priority... unless you're not actually in business
here, and you're just scamming a bunch of people by pretending you run
a legit enterprise.

ChrisA