Twitter’s Final Remnants Are Vanishing from X
▼ Summary
– X is requiring users with physical security keys or passkeys for two-factor authentication to re-enroll them by November 10th to avoid account lockouts.
– This change is necessary because security keys are tied to the twitter.com domain and must be updated to work with x.com as X retires the Twitter domain.
– The update only affects Yubikeys and passkeys, not other two-factor authentication methods like authenticator apps.
– Domain-specific authentication prevents phishing by not recognizing fake domains, such as those using deceptive Unicode characters or alternative addresses.
– The transition is part of X’s ongoing rebranding, which included changing the domain over a year ago and retiring the blue bird mascot before that.
X is taking a definitive step toward retiring the Twitter.com domain, prompting users who rely on physical security keys or passkeys for two-factor authentication to re-enroll them by November 10th. Failure to update these login methods will result in locked accounts, and abandoned profiles may eventually be sold. Active users have already received notifications about this transition, which the X Safety team clarified is unrelated to any security breach. The update specifically affects Yubikeys and passkeys, not other 2FA options like authenticator apps.
Security keys enrolled as a 2FA method remain linked to the twitter.com domain. Re-enrolling them will associate these keys with x.com, enabling the company to fully phase out the Twitter domain. This adjustment mirrors the same security principle that makes hardware keys and passkeys effective against phishing attempts. Because these tools are bound to the specific domain where they were initially configured, they won’t recognize alternative addresses, even those disguised with lookalike characters or subtle URL changes.
These security keys and passkeys represent some of the final vestiges of Twitter still in use, more than a year after X officially adopted its new domain and nearly two years after retiring its famous blue bird logo. Despite the overarching rebrand, a handful of Twitter-era elements persist, such as the page used for embedding X posts.
(Source: The Verge)
