"By November 10, we're asking all accounts that use a security key as their two-factor authentication (2FA) method to re-enroll their key to continue accessing X. You can re-enroll your existing security key, or enroll a new one,"
"To clarify: this change is not related to any security concern, and only impacts Yubikeys and passkeys - not other 2FA methods (such as authenticator apps). Security keys enrolled as a 2FA method are currently tied to the twitter[.]com domain. Re-enrolling your security key will associate it with x[.]com, allowing us to retire the Twitter domain,"
"Getting off of Twitter enrolled keys so we can stop doing hacky things for domain trust. Physical security keys are cryptographically registered to Twitter's domain and need to be re-enrolled under X,"
X will retire the twitter.com URL used for authentication. Users who use a hardware security key as their two-factor authentication must re-enroll their key with x.com by November 10 to continue accessing X. Re-enrolling will associate security keys with x.com so twitter.com can be retired. This change does not affect authenticator apps such as Google Authenticator, Microsoft Authenticator, or Authy. Physical security keys are cryptographically registered to a domain and therefore require re-enrollment when the domain changes. Re-enrollment can be done via Settings > Security and account access > Two-factor authentication > Manage security keys. It is unclear whether twitter.com will be retired for all activities.
Read at TechCrunch
Unable to calculate read time
Collection
[
|
...
]