Yes, you heard right, Just by using Space bar!
His father noticed that Kristoffer logged in as his Xbox Live account to play video games that he wasn't meant to be playing and asked how he had done it.
Kristoffer revealed that by typing in the wrong password and then by pressing the spacebar, he bypassed the password verification through a backdoor, and it was pretty simple!
HIS FEELING, "was like yeah!" 5-year-old gamer actually hacked the authentication system of a multi-billion dollar company, and his feeling "was like yeah!", Kristoffer said to local news station KGTV.
His father reported the vulnerability to Microsoft Security Team, and it has been fixed by them. Microsoft issued a statement, “We're always listening to our customers and thank them for bringing issues to our attention. We take security seriously at Xbox and fixed the issue as soon as we learned about it.”
Microsoft awarded the junior security researcher with some cool games, $50 bugs, a one-year free subscription to Xbox Live and listed his name on their website among other security researchers.
I wish a bright Infosec career ahead of him. Cheers!