X's two-factor authentication glitch locks users out of their accounts
What's the story
Elon Musk's social media platform, X, is facing a major issue after a mandatory two-factor authentication (2FA) change. The problem has left many users caught in endless loops or completely locked out of their accounts. The issue stems from a transition from the old twitter.com domain to the new x.com for passkeys and hardware security keys used in 2FA.
Domain switch
Transition from twitter.com to x.com
On October 24, X announced that users relying on passkeys or hardware security keys for 2FA would have to re-enroll with the new domain, x.com. The move was part of a plan to phase out the old twitter.com domain, which now redirects to x.com. However, the transition has caused problems as passkeys and security keys are digitally tied to the old domain and can't be transferred. This means users have to manually un-enroll and re-enroll with the new one.
Access issues
Users can't re-enroll their passkey/security key
As part of the transition, X warned users that their accounts would be locked after November 10 if they didn't re-enroll or choose another method for 2FA. Now that the deadline has passed, many users are reporting being locked out of their accounts. They can't re-enroll their passkey or security key due to error messages or being stuck in an endless loop.
Company silence
Musk has been active on X amid the situation
Despite the widespread reports of account lockouts, X has not commented on the issue. Musk has been active on his platform as usual, suggesting he may not be affected by this change. The situation is just another problem for X since Musk acquired Twitter for $44 billion and took it private.