Xbox password flaw exposed by five-year-old San Diego boy

Published: April 4, 2014 at 4:02 PM

Ananth Baliga

OCEAN BEACH , Calif., April 4 (UPI) -- Five-year-old San Diego resident Kristoffer Von Hassel found a backdoor into Microsoft's Xbox One Live, alerting the company to major security glitch.

The glitch wouldn't have been found had Kristoffer's parents not noticed that he was logging in to his father's Xbox Live account and playing games he wasn't supposed to be playing.

“I got nervous. I thought he was going to find out,” said Kristoffer.

Kristoffer then showed his father, Robert Davies, how he logged in to the account. After typing in the wrong password, Kristoffer was taken to a password verification page. There, by typing in a number of space keys and then hitting enter Kristoffer would be logged in, finding a backdoor into one of the most talked-about gaming consoles in past few months.

Davies said that his first reaction was one of happiness.

"How awesome is that!" Davies said. “Just being 5 years old and being able to find a vulnerability and latch onto that. I thought that was pretty cool.”

Davies works in computer security and said that this wasn't the first time Kristoffer had hacked into a device. At age 1, Kristoffer was able to get past the child lock screen on a cell phone just by holding down the menu key.

Kristoffer has received a mention in Microsoft’s security acknowledgements for March and the company will also give him four games, $50 and a year-long subscription to Xbox Live.

[ABC News 10] [Microsoft Security Response Center]

© 2014 United Press International, Inc. All Rights Reserved.