5-year-old exposes Xbox One password flaw

A 5-year-old boy managed to circumvent the Xbox One’s security and log in to his father’s account without entering the correct password. San Diego child Kristoffer Von Hassel has now been credited as a security researcher by Microsoft. In an alternate universe, the kid probably turned to the dark side, logged into your account, and pumped your life savings into FIFA Ultimate Team card packs.

A five-year-old boy who worked out a security vulnerability on Microsoft’s Xbox Live service has been officially thanked by the company. Kristoffer Von Hassel, from San Diego, figured out how to log in to his dad’s account without the right password. Microsoft has fixed the flaw, and added Kristoffer to its list of recognised security researchers. In an interview with local news station KGTV, Kristoffer said: “I was like yea!” The boy worked out that entering the wrong password into the log-in screen would bring up a second password verification screen.

Read full article