On the first update when it showed me the message, I trusted it and wrote down the new key and threw the original piece of paper into the trash. Then the second time it showed up, I became suspicious and did a quick google search and then ran the command tool just to confirm that the new backup key validates, but it didn't. My hunch is that it was still using the original key I had set up myself, but I couldn't confirm since I had tossed it.
