X has issued a notice to users who rely on passkeys or hardware security keys, such as YubiKeys, for two-factor authentication (2FA), advising them to re-enroll their security key before November 10, 2025 to maintain uninterrupted access to their accounts.
The platform’s Safety team stated that users who fail to complete the re-enrollment by the deadline will be locked out until they either re-enroll a key, select another 2FA method, or disable 2FA altogether. However, X emphasized that it strongly recommends keeping 2FA enabled for optimal account security.
This update is part of X’s ongoing process to retire the twitter[.]com domain, a legacy holdover from before Elon Musk’s acquisition and subsequent rebrand in 2023. According to the company, the change only affects users with hardware security keys, not those using authenticator apps or other 2FA options.
“Security keys enrolled as a 2FA method are currently tied to the twitter[.]com domain,” the company explained. “Re-enrolling your security key will associate it with x[.]com, allowing us to fully transition away from the Twitter domain.”
X continues to support several forms of two-factor authentication, including text messages (available only to non-Premium users) and authenticator apps. Users who need to re-enroll their hardware key can do so by following these steps:
- Go to Settings and privacy → Security and account access → Security → Two-factor authentication
- Choose Security key → Manage security keys → Delete existing keys
- Select Security key, enter your password, and verify the confirmation code sent to your email
- Click Start, then insert your hardware key into the USB port (or connect via Bluetooth/NFC)
- Tap the button on your key and follow on-screen instructions to complete setup
