Turns out sneaking into someone else’s Xbox account without a password is so easy a five-year-old can do it. That’s the story being reported by San Diego’s 10News. It didn’t take much effort or even any particular knowledge—all Kristoffer Von Hassel did was enter a string of nonsensical spaces into the password entry form and that’s it. He was past his parents’ oligarchy over the Xbox, and into a world of gory first person shooters.
This is how it went down: when presented with a password screen, little Kristoffer punched in the wrong one. Not a surprise, since he doesn’t know his dad’s password. But when prompted to retry, Kristoffer simply entered in a bunch of spaces, and for some reason it let him into his dad’s account. This is obviously troubling because it allowed Kristoffer to access all the content deemed too mature for the five-year-old—who knows if any other kids have discovered a similar method of skirting parental controls?
Since the exploit was right there in the open, Microsoft engineers must be feeling pretty foolish even though it was discovered by mistake. For Microsoft’s part, when alerted about the bug, the company acknowledged Kristoffer’s discovery by putting him on their list of official security researchers, and even rewarded him with some games and a one-year subscription to Xbox Live. Being curious and inquisitive maybe isn’t such a bad thing.