Key Takeaways
- X (formerly Twitter) is retiring the Twitter.com domain on November 10
- Users with hardware security keys or passkeys for 2FA must re-register them to X.com
- Failure to update credentials by the deadline will result in account lockout
- Affected users can regain access by updating 2FA settings
Elon Musk’s social media platform X has announced it will retire the Twitter.com domain on November 10, potentially locking out users who use hardware security keys or passkeys for two-factor authentication if they don’t update their settings.
The X Safety account confirmed that security credentials currently tied to Twitter.com must be re-enrolled to X.com before the deadline. While most users won’t be affected, those with Yubikeys or passkeys face account lockout if they don’t comply.
What X Says About the Change
The company emphasized this move is “not related to any security concern, and only impacts Yubikeys and passkeys.”
“Security keys enrolled as a 2FA method are currently tied to the twitter[.]com domain. Re-enrolling your security key will associate them with x[.]com, allowing us to retire the Twitter domain,” the company stated.
“After November 10, if you haven’t re-enrolled a security key, your account will be locked until you: re-enroll; choose a different 2FA method; or elect not to use 2FA (but we always recommend you use 2FA to protect your account!).”
How to Prevent Account Lockout
Follow these steps to update your security settings:
- Open the X.com app or website and navigate to Settings
- Go to Privacy menu and click on Security
- Tap Account access, then Security, and finally Two-Factor authentication
- Add or re-enroll your existing passkey
If locked out, you can regain access by re-registering your security key, switching 2FA methods, or disabling two-factor authentication.
Musk’s Long History with X.com
The domain change fulfills Musk’s long-standing vision for X.com. He originally founded X.com in 1999, later merging it with Confinity to form PayPal. After eBay’s acquisition, Musk repurchased the domain in 2017, citing its “great sentimental value.”
Two-factor authentication remains a crucial security measure that adds an extra verification layer beyond passwords, making accounts more secure against cyber threats.
