Kids are also using a bot created on this website: https://mem.rip/kahoot/ to circumvent the name generator.
Here are some of the other hacks. They are updating these every day, so Kahoot needs to find a way to close the back door of their software to prevent this from happening.
https://kahoot.ninja/
https://godoc.org/github.com/unixpickle/kahoot-hack
https://kahoothack.wordpress.com/ -- This 17 yr old programmer brags about his 5 exploits of Kahoot
https://www.techmobis.com/kahoot-hack/ -- This one shows how to download the Chrome Extension(s)
https://chrome.google.com/webstore/search/Kahoot%20?hl=en -- These are the 3 Kahoot Hack Chrome Extensions
https://kahoothack.co/kahoot-hack/
https://github.com/unixpickle/kahoot-hack
Okay, the list is infinite! This was only the first page that I found for a Google search of Kahoot Hacks.
I plan on adding them to my blocked URL list on LanSchool (my student computer management system), so we may be able to use Kahoot. Sadly, it is the son of our IT guy and his friends that are sharing this stuff with other students. I really hate that the immaturity of a few students is forcing me to use other sites that do not have a random name generator. If teachers could set up an account for each student with a dedicated user name, then it would resolve this one problem. Come on, Kahoot! I miss being able to use you with all of my classes.
6 comments
Hi all!
While we have measures in place to regularly identify active bot services and take action to disable them, there are some things you can try during a session to prevent them.
Enable 2-step join - Players will have to enter your game PIN and then click on four boxes in a specific pattern. This pattern is displayed on your lobby screen, but changes every 7 seconds. If a player wants to use a bot, and that bot has a UI to enter the pattern, it’ll only be valid for a few seconds. Enabling this setting will generally diminish the risk/reward ratio for players trying not to be caught while pulling a prank. Many bots don’t support 2-step, and those that do will only have a limited impact due to the changing pattern.
Enable nickname generator - Similar to 2-step, this adds a step to joining that most bots don’t support. However, this alone might be less effective since there is no changing pattern that must be verified. Nevertheless, using both together can only improve your odds that bots won't successfully join.
Enable player identifier - This alone is a far more effective way to prevent bots than the above two combined. Players will have to submit a unique identifier to join (1st name and initial of last name for EDU School & district orgs, email for EDU higher ed or Business 360 Pro or Spirit orgs). And if the magic link option is enabled, players will need to join via a link that’s emailed to them in order to ensure they provided a valid email address.
People also used to flood Kahoot games on live streams back in 2018–19 a lot when Kahoot hacks and botting scripts were gaining traction like this:
In 2008, an exploit called MS08-67 was discovered in Microsoft operating systems. Naturally, Microsoft told their customers what was wrong and issued an emergency patch. However, by doing so, they essentially gave the instructions for breaking in to hundreds of hackers.
You wrote a frantic post with a list of exploit sites. Sounds awfully similar, huh.
Thank you for showing hacks list I will for sure use them
Is there a way to stop kids from spamming to get the right answer in a self paced Kahoot?
Kahoot! needs to do more in solving these issues because what is the essence of creating very useful quizzes that will get hacked, defeating it's original purpose?
Also, I suggest that Kahoot implementd a system such that a quiz admin can generate x number of unique codes which they can email to predetermined quiz takers, and which when used, cannot be re-used for that same quiz by another user, ever.
Please sign in to leave a comment.