The social network X (formerly Twitter) warned users that by November 10 they must re-register their hardware security keys and passkeys used for two-factor authentication (2FA). If they don’t do this in time, access to their accounts will be locked.
The warning applies only to those who use passkeys or hardware security keys like YubiKey for 2FA. Both methods are considered reliable protection against phishing attacks, since identity verification is performed using cryptographic keys stored on the device or in the OS, rather than traditional passwords that can be stolen by infostealers and phishers.
“By November 10, we ask all accounts using security keys for 2FA to re-register them to continue accessing X,” says the official Safety account.
The company clarified that you can re-register an existing passkey or add a new one. The developers also reminded users that if you register a new passkey, all the others will stop working.
After November 10, accounts without updated keys will be locked. You can unlock them in three ways: re-register your security key or passkey, switch to another 2FA method (for example, an authenticator app), or completely disable two-factor authentication (although X strongly discourages this option).
Company representatives emphasize that what is happening is not related to any cyber incident. The reason users are being asked to update their keys is simple: the company is finalizing the migration from the twitter.com domain to x.com, and security keys and passkeys are tied to a specific domain — in this case, twitter.com. Once the old domain is fully retired, these keys will simply stop working.
To re-register the keys manually, go to the settings at x.com/settings/account/login_verification/security_keys, disable the existing security keys, and register them again. To verify your identity, you’ll need to enter your password.
After the procedure is complete, security keys and passkeys will be linked to the x.com domain and will continue to work once the company fully phases out twitter.com.