That's one of the things someone can do if there's a Master Password set. If you don't know if one is set on your computer, I already gave some search terms to try. The specific details of what to check and where to look depend on which OS version you have.
You should do some searches, read some articles, and figure out which (if any) of the following are set or not on your computer:
1. Master password.
2. Firmware password.
3. Hidden account.
There's no such thing as a "password history" to reset. There will be an account or some other means of obtaining access, such as no firmware password. You will have to close up that access point, and how to close it depends on what it is.
This has little or nothing to do with being an 11-year old, nor Apple defending against 11-year-olds. I strongly doubt that he figured out an entry all by himself. He's somehow obtained instructions that told him what to do. So you need to go through the list of known ways to get around your account password, and see which (if any) are active.
No one can tell you how to correct the problem unless the specific cause is known. There isn't a magical "lock it all down" app, nor is there a "find the hidden entry" app. You have to look in several places, try several different things, and specifically find out how your machine has been changed in order to allow the access.
If you can't figure out how he's getting in, then your last option is a complete wipe of the OS and reinstall, after backing up your data. You would then also have to set at least a good firmware password, to prevent further compromises. You should probably also set a good master password, simply to prevent someone else from doing so.
If this seems difficult, it is. When an attacker, even a little brother, has instructions on what do and physical access to the machine, security is a lot harder to establish and maintain. That's one reason for the suggestion of physically locking up the computer.
EDIT
The NSA (yes, that NSA) has some instructions on how to prevent Macs and OS X from being compromised.
Google search terms: nsa secure mac os
Example link:
http://www.nsa.gov/ia/mitigation_gu...ation_guides/operating_systems.shtml#AppleMac
Apple's security configuration guides:
https://ssl.apple.com/support/security/guides/
Thanks, I managed to change all of the passwords and my apple ID password.
It seems he can no longer access the mac, thank you very much everyone for your help!
