Account security on the Xbox One has been blown wide open — but the culprit isn't some international hacker organization. It's a 5-year-old kid in San Diego.
Kristoffer Von Hassel is allowed to play on his dad's Xbox One, but account restrictions kept him away from violent games made for adults. Those kinds of rules just beg to be broken, however, and little Kristoffer managed to find a way around — and in the process, exposing a serious security flaw on the console.
Selecting "Sign in" from the home screen brings up a password prompt. Kristoffer, far from knowing his dad's password, simply filled the password field with spaces and hit "enter" — and lo and behold, access was granted!
Robert Davies, Kristoffer's father, took a video showing the whole process, and Cathy Von Hassel-Davies, his grandmother, emailed San Diego's 10 News, which did a segment on it. He also contacted Microsoft, who acknowledged the flaw, added Kristoffer's name to a list of "security researchers," and awarded the kid $50, four free games and a year of Xbox Live online gaming service.
Microsoft has fixed the issue and consoles should no longer be wide open to curious kindergartners, but you might want to check yours, just to be sure.