Do You Log Into X With A Security Key? Re-enroll It By Nov. 10 - Or Else

Adrian Kingsley-Hughes/ZDNET

Follow ZDNET: Add america arsenic a preferred source connected Google.

ZDNET's cardinal takeaways

• Any relationship connected X that uses a information cardinal will request to re-enroll it.
• You tin do this done information settings connected nan X website aliases app.
• The move is basal owed to nan status of nan twitter.com domain.

Do you usage a beingness information cardinal to protect your online accounts? If so, kudos to you, arsenic that's 1 of nan champion methods of protecting yourself with two-factor authentication. But if you usage nan cardinal pinch your relationship connected X, formerly Twitter, I'm acrophobic you'll person to re-enroll it.

Also: Why multi-factor authentication is perfectly essential 

In an X station from Friday, nan network's Safety relationship said that anyone utilizing a security key arsenic their two-factor authentication (2FA) method must re-enroll that cardinal by November 10. If you miss that deadline, your existing information keys will extremity working, and you'll beryllium locked retired of your account.

At that point, you tin still re-enroll, prime a different 2FA method, aliases opt not to usage 2FA. However, to enactment secure, you'll want to either re-enroll aliases take a different -- but still effective -- method.

To re-enroll, occurrence up nan X website aliases mobile app. Select nan More button, click nan action for Settings and privacy, spell to Security and relationship access, prime nan action for Security, and past click "Two-factor authentication." Select nan action for Security key. Make judge nan information cardinal is plugged into your machine aliases mobile device, and past travel nan steps to enroll nan key.

Also: The champion information keys: Expert tested

If you nary longer want to usage nan information key, you tin take nan "Authenticator app" action instead. For this, you tin usage an app for illustration Microsoft Authenticator aliases Google Authenticator to make codes to usage each clip you request to motion successful to X connected a different device. Just don't prime nan action for SMS matter messages, arsenic that's nan slightest unafraid type of 2FA and 1 susceptible to hacking.

Why nan request to re-enroll? Is X proprietor Elon Musk conscionable messing pinch group successful his accustomed style? Maybe, but that's not nan existent reason. The web is yet retiring its aged twitter.com domain, which intends you'll beryllium capable to entree it only done x.com. With nan aged domain facing retirement, immoderate information keys enrolled nether nan twitter.com domain will request to beryllium reestablished nether nan newer x.com.

"To clarify: This alteration is not related to immoderate information concern, and only impacts Yubikeys and passkeys -- not different 2FA methods (such arsenic authenticator apps)," nan X Safety relationship also posted. "Security keys enrolled arsenic a 2FA method are presently tied to nan twitter[.]com domain. Re-enrolling your information cardinal will subordinate them pinch x[.]com, allowing america to discontinue nan Twitter domain."

Also: How passkeys work: The complete guideline to your inevitable passwordless future

This station from nan X Safety squad does mention passkeys successful summation to information keys. However, there's nary denotation that group pinch passkeys will request to reset aliases recreate them. I contacted X to inquire what will hap pinch users who person passkeys and will update nan communicative erstwhile and if I perceive back.

Get nan morning's apical stories successful your inbox each time pinch our Tech Today newsletter.