Five Year Old Discovers Major Password Flaw in Xbox LIVE, Thanked By Microsoft

on April 4, 2014 12:08 PM

An interesting story involving a five-year old boy and Xbox LIVE has made the rounds: apparently this precocious child managed to find a gaping hole in Microsoft’s password verification system.

Kristoffer Von Hassel found a way to log into his father’s account in order to play games he wasn’t supposed to. He ended up showing his father that when he typed in a wrong password for his father’s account, it clicked to a password verification screen. Simply hitting space and then hitting enter allowed for access to the account through a back door.

The father, who works in computer security, then sent that information to Microsoft. After fixing the loophole they added Kristoffer to their website in a list of security researchers that have helped make Microsoft online services more secure.

In a statement from a Microsoft official:

We’re always listening to our customers and thank them for bringing issues to our attention. We take security seriously at Xbox and fixed the issue as soon as we learned about it.

Kristoffer will receive four free games, $50 and a year-long subscription to Xbox LIVE for his vital discovery.

 /  Staff Writer
A Reviews Editor at DualShockers who is always looking to improve her writing and delve deeper into the industry. She is shamelessly in love with JRPGs and can easily rack up 100+ hours from level grinding alone. Even though she graduated from Hofstra University with a B.A. in Public Relations, her talent and wisdom (read: blind luck) landed her a job at DualShockers, where she continues to plot her escape by betraying their secrets for power and world domination.