We’re seeing reports across social media that users of Elon Musk’s X (formerly known as Twitter) are getting stuck in endless loops and, in some cases, getting locked out of their X (formerly known as Twitter) account, following a mandatory two-factor security change that seems to have gone wrong.

On October 24, X (formerly known as Twitter) said in a post that it was asking users who rely on passkeys or hardware security keys (such as YubiKeys) as their method of two-factor authentication to re-enroll using the x[dot]com domain. (Users who use an authenticator app are unaffected.)

X (formerly known as Twitter) said [that] this was part of an effort to retire the older twitter[dot]com domain, which currently redirects to x[dot]com. That change took effect in May 2024. The problem is that passkeys and security keys are digitally tied to the old twitter[dot]com domain and can’t be transferred to x[dot]com. That means users have to manually un-enroll and re-enroll using the new x[dot]com domain.

As part of the switchover, X (formerly known as Twitter) warned that after November 10, customers would have their accounts locked until they re-enroll or choose another method of two-factor authentication.

Now that the deadline has passed, plenty of users are reporting that they’ve been locked out of their accounts and can’t re-enroll their passkey or security key, citing error messages or getting caught in an endless loop.

This is the latest issue to beset X (formerly known as Twitter), now owned by Elon Musk after he bought Twitter, as it was known then, for $44 billion. Since taking charge of the social networking site, the company has experienced massive layoffs and countless controversies.

X (formerly known as Twitter) did not respond to a request for comment, but Musk, who now owns X (formerly known as Twitter), has been posting as usual, presumably unaffected by the change.