Xbox password flaw exposed by five-year-old boy

4.6
A five-year-old boy who worked out a security vulnerability on Microsoft's Xbox Live service has been officially thanked by the company.

Kristoffer Von Hassel, from San Diego, figured out how to log in to his dad's account without the right password.
Microsoft has fixed the flaw, and added Kristoffer to its list of recognised security researchers.
In an interview with local news station KGTV, Kristoffer said: "I was like yea!"

The boy worked out that entering the wrong password into the log-in screen would bring up a second password verification screen.
Kristoffer discovered that if he simply pressed the space bar to fill up the password field, the system would let him in to his dad's account.

Kristoffer's name now appears on a page set up to thank people who have discovered problems with Microsoft products.
The company also gave him four free games, $50 (£30), and a year-long subscription to Xbox Live.

Posted:
Related Forum: Xbox Forum

Source: http://www.bbc.co.uk/news/technology-26879185

Related Articles

Comments

"Xbox password flaw exposed by five-year-old boy" :: Login/Create an Account :: 115 comments

If you would like to post a comment please signin to your account or register for an account.

DanimalsPosted:

They should have gave him more. he's only 5 and found it

EventPosted:

One smart kid. He is already going places in the short amount of time he's been on earth.

TSNYCPosted:

Pretty cool this was found by a 5 yr old as well.

MortarPosted:

It is rather amazing that a five year old was able to notice such a problem, let alone pass the information on to Microsoft. As for what they gave him as a reward, I think they should have given him an Xbox One console with a selection of games as well as 12 months Xbox LIVE. It seems more befitting considering he is only five.

ZipsPosted:

-Tupac OMG this is so funny! A 5 year old?! C'mon Microsoft!


A lot of my friends found out about this and were laughing so much haha

ZipsPosted:

He found out something that is protecting passwords and they hive him $50 and 1 year live? Could of give him more than that xD

DanimalsPosted:

lol come on microsoft. you guys have a password flaw and a 5 year old figures it out faster then you

LagwagonPosted:

Congrats to that kid. I hope he works for Xbox (That would be pretty Cool). He seems smarter than Microsoft.

UnbindPosted:

this kid is off to a great start! Congrats for him!

DiscJrPosted:

Linx Wow i would love to see this kid in 10 years from now. lol Mega HACKER! jk


Yeah, that's highly doubtable.

If you read the article you'll see what he did and it really isn't something a 1337 hacker would do.

He got lucky.


Latest Downloads

Latest Tutorials