Microsoft Thanks 5 Years Old Kid For Breaking Xbox One Login Password

A five years old boy has discovered a really embarrassing security flaw in Xbox One login screen and used it to login to his dad's account without entering the correct password.

The kid, Kristoffer Von Hassel from San Diego, discovered that entering a wrong password into Xbox One login screen brings up a second password verification screen that can be bypassed by filling the password field with spaces.

Kristoffer 's discovery was acknowledged (and fixed) by Microsoft after his father reported it to them. The company thanked him and listed him as one of March 2014 Security Researchers on its official technet.

"We're always listening to our customers and thank them for bringing issues to our attention," said Microsoft in an official statement. "We take security seriously at Xbox and fixed the issue as soon as we learned about it."

It is good to see Microsoft fixing security flaws so quickly, but it is still hard for us to imagine how such a trivial trick passed their quality control and security process.

Add new comment

This question is for testing whether you are a human visitor and to prevent automated spam submissions.


Not the same thing.

The 5 year old did not "figure out", the 5 year old "stumbled upon". There's a big difference, dumbass. I hate M$ very passionately but I hate them for their business practices & decision making processes, not their mistakes. Everyone makes mistakes. I made them on my job & you('ll) make them on yours, probably mopping floors or collecting garbage or something like that.

Didn't see anyone else here

Didn't see anyone else here trying to break the security themselves; Something so trivial like this just slips through the cracks all the time kiddo's. So in closing giving it this level of fuss is commendable. I don't actually care about Xbox, and its flaws to begin with.

Add new comment