Goodbye Twitter.com – A hidden deadline every X user needs to know

As part of its full transition away from its old identity, X has revealed that the X Corp platform will officially retire the twitter.com domain on November 10, 2025.

For users who rely on hardware security keys or passkeys (passwordless log-ins tied to the domain) the current credentials are registered under twitter.com. With the domain sunsetting, these credentials must be re-enrolled under x.com to avoid being locked out.

What to do?

If you use a security key or passkey for two-factor authentication (2FA):

Go to Settings & Privacy → Security and account access → Security → Two-factor authentication in the X app or website.

Choose “Security key” (or passkey) and delete the old entry tied to twitter.com, then re-enroll (or add a new key) under the x.com domain.
Fast Company

After Nov 10, accounts still using a key tied to twitter.com will be locked until they re-enroll or switch to a different 2FA method.

What this does/does not affect?

This change only affects users with hardware keys or passkeys. Users using authenticator apps, SMS codes or other 2FA methods are not required to re-enroll because their methods are not domain-specific in the same way.

X clarifies that this isn’t a response to a security breach – it’s a branding and infrastructure shift to retire twitter.com and unify everything under x.com.

Why it’s happening?

The move marks the closing chapter in the platform’s re-branding: after being acquired by Elon Musk and renamed in 2023, X is now removing one of the last visible links to the Twitter era – its domain. By migrating authentication and other services, X prepares for twitter.com to be permanently phased out.