Source of this article and featured image is TechCrunch. Description and key fact are generated by Codevision AI system.
Elon Musk’s X faced a security issue after a mandatory two-factor authentication update, causing users to be locked out of their accounts. The change involved switching from the old twitter.com domain to x.com, which disrupted passkey and hardware security key functionality. Users who relied on these methods were unable to re-enroll, leading to account lockouts. The deadline for re-enrollment passed, and many users are now unable to access their accounts. This incident highlights the risks of abrupt security updates without proper user guidance, making it worth reading for those interested in cybersecurity challenges.
Key facts
- X implemented a mandatory two-factor authentication update that caused users to be locked out of their accounts.
- The update involved switching from the old twitter.com domain to x.com, disrupting passkey and hardware security key functionality.
- Users who used passkeys or hardware security keys had to manually re-enroll using the new x.com domain.
- After November 10, accounts were locked until users re-enrolled or switched to another two-factor authentication method.
- Many users are now unable to access their accounts due to error messages or endless re-enrollment loops.
