Five year old hacks Xbox One account, gets reward from Microsoft

James Delahunty
4 Apr 2014 12:09

Microsoft has thanked a five year old boy for discovering a flaw in its Xbox One system that allowed him to log into his Dad's account without a password.
Kristoffer Von Hassel, from San Diego, discovered a way to get into his father's account and play games he wasn't supposed to. When his Dad noticed, his career in computer security took precedent over any displeasure over his account being hacked, and he asked his son to explain to him how he was doing it.

It turns out that Kristoffer noticed that after entering an incorrect password for his father's account, he would be prompted with a password verification screen. Then by using the on-screen space bar to fill up the password field, he could trick the system into signing him into Dad's account.
"How awesome is that!" the boy's father, Robert Davies, said. "Just being 5 years old and being able to find a vulnerability and latch onto that. I thought that was pretty cool."
This wasn't the first time that his son managed to figure out ways around digital locks either - at the age of just 1, he figured out that he could get around the lock screen on a cell phone by just holding down the Home key for a while.
Microsoft has since fixed the embarrassing login flaw, and acknowledged the five year old on its page of researchers who have discovered and reported flaws in Microsoft products.
The company awarded the boy with four free games, a year's free Xbox Live subscription and $50.
Good job kid!

Source and Recommended Reading
5-year-old Ocean Beach boy exposes Microsoft Xbox vulnerability: www.10news.com