"Before it would just let you try over and over," Jason Coutee, the IT consultant credited with exposing the flaw, wrote Joystiq. "But now ... they handle the sign in request on the server in a way that it will stop replying after about 20 attempts."
Coutee feels that Microsoft tightened the security, but didn't make any noticeable changes on the front end.
"Good news is that at least they lengthened the time it would take to brute force Live IDs."
Microsoft notes that the exploit was not a loophole in Xbox.com, but a brute force attack that is an "industry-wide issue."
- Key specs
- Reviews • 90
- Game format Optical disc, Downloadable
- Online features Multiplayer, Voice chat, Video chat, Store, Browser
- Drive capacity 500 GB
- Controller type Wired, Wireless
- Motion controls Camera / optical
- Video outputs HDMI
- Released 2013-11-22