Microsoft’s Xbox Live service met its match in the shape of a five-year-old boy that managed to bypass its password protection with consummate ease.
Kristoffer Von Hassel, the San Diego native, worked out how to log into his father’s Xbox Live account without having the password and as a result the company has added him to its list of security researchers.
The security researcher realised that after entering the wrong password once, a second password verification screen would come up where he then pressed the space bar to fill up the password field, which let him access his dad’s account.
"I got nervous. I thought he was going to find out," he told KGTV. "I thought someone was going to steal the Xbox."
Robert, his dad, also works in security and immediately sent the details of the flaw to Microsoft and told the same TV station that he was proud of his son. It wasn’t the first time that Kristoffer had successfully hacked a device either as when he was a one-year-old he managed to unlock his dad’s mobile phone without the passcode.
"We're always listening to our customers and thank them for bringing issues to our attention. We take security seriously at Xbox and fixed the issue as soon as we learned about it,” read a statement from Microsoft.
As a reward the company gave the boy four free games, $50 [£30] and a year long subscription to the Xbox Live service as well as themention in the security researcher list on the Xbox Live website.