I just saw the 2fa thread get locked…
A poll before this change would have shown if the fallout/backlash would have been worth it to go forward with the change
7 Likes
I’m currently in the process of making a dedicated post on if the Scripts categories should be account only or not. Which follows off the MFA thread.
1 Like
Community feedback is definitely allowed and we do listen to feedback.
We won’t always do what the community wants for one reason or another, but we will always discuss and consider what should be done.
There was a world where there was a vocal group that wanted to ban certain kinds of content. While I personally dislike that content, I’m strongly opposed to censorship.
I have literally reshaped the forums infrastructure to resist censorship.
12 Likes
I think the key there is you cared about both sides. You disliked the content but you also disliked censorship. Ultimately you gave users the choice to determine what they wanted to see, so everyone was happy.
That is not the case here. You seem very vehemently on one side of the discussion and so you do not seem willing to make any infrastructure changes nor do you seem inclined to allow users to decide for themselves what is best.
The community has continued to make threads and rehash the topic because you have not seen fit to try to reach a conclusion more people are happy with. You have dug in your heels repeatedly and brushed people off. Do you expect everyone to just go away when you lock the threads or stop being annoyed at the changes forced on them?
6 Likes
This topic is not about 2fa. Don’t re-hash discussion in different threads.
the very first post in this topic starts with:
“I just saw the 2fa thread get locked…”
and the boss just told you:
“This topic is not about 2fa. Don’t re-hash discussion in different threads.”
listen guys, you can’t argue with him, you can’t reason with him. he has no incentive what so ever. at the end of the day he is the admin and can do on his site what he wants or feels like. so short of somebody else creates a new community: you either adapt or you leave for good. remember:
you try to argue with a person who has a rfid chip implanted in his hand and thinks it’s a good idea or serves a “security” aspect. you will never win any argument with him. after all he is a specialist in his field and knows what he is doing, contrary to everybody else in this very sector. so don’t try it. it’s futile exercise
if you want however to mitigate this issues somewhat, here is how:
1.) move on to other platforms for your community needs, and have a burner account here;
2.) setup the 2fa manually and label it inconspicuous,
3.) observe browser history hygiene, so surf here in incognito or generally lock your account so nobody can access it physically, do not use the build in password safe of mozilla for example
4.) use a redirect email to layer your account and identity, such as https://app.simplelogin.io or other service to reduce your visibility
(edited: grammar)
8 Likes
very nice - i seem to not be able to edit my post for obvious writing errors
so the corrections are: 2FA and in the last word visibility - at least what i can see so far
You know what. Fine. This is officially the 2fa complaining containment thread.
Complain all you like in this thread.
1 Like
Well, i was muted for some hours, cause admin decided talking 2fa here is offtopic, now he did unmute me, cause it’s totally not and topicstarter want continue that theme.
So hear me folks - you can get punishment for being against that forced change made without hearing community.
And as admin state - he not answering to any complains about 2fa anymore, so we just speak here and being ignored from now on.
My closed thread topisctarted referred to - got almost 300 likes, so it’s sort of big amount of people who do share same thoughts about this enforcement.
While i’m being muted - i throw some ideas in admin DM, so i gotta post it here too now.
It’s probably been around before in other wording but anyway…
Idea 1 - Just make users be able to disable 2fa in trade of being muted.
But it’s still an account for access script category, that will do. Whoever wanna talk - go do stupid extra-apps-required-MFA
cause admin mute people for being against that change - well, let’s make it compromise.
Idea 2 was actually in my deleted post here in the topic, so i repeat it again
Since discourse not allow to only apply forced 2fa to scripters (who really only people that would take damage if their account get hacked, and that’s most-used admin argument to made that enforcement) - then let users disable it after one-time-event of enforcement (which already happen), also force it for new user once (but still allow disabling it), have HUGE RED WARNING when people try to turn it off (and let that warning especially be about that’s not good idea if you’re scripter).
That will do, cause be honest - just regular users come here to download scripts, scripts category unaccessible without site account. 2FA needed for just download - is insanity.
PS: we do have some trust badge here, like lvl2 allow you to post in script requests for example
Can’t we just have another badge that automatically given to users with 2fa enabled, and taken from users who decide disable it - that allow you to post in script\software category?
Idk if that can be done technically, but it wasn’t stated as impossible, like forcing 2fa to some group and not everyone. Can’t do this technically - well, try make it opposite way around, and maybe that way it can be done technically.
4 Likes
Personally me - i’m fine with any restrictions applied to my account in trade of disabling 2fa, until it still would be possible to download scripts.
Cause that’s purpose of the site, and it would be no point of having account that can’t access script downloads, like unlogged visiters.
7 Likes
What a wonderful way to avoid addressing any of what I just said and how it pertains to the comment you made in this thread.
2 Likes
I was adviced to get some scripters to against 2fa side.
So this is it - if popular scripters would strongly disagree with that enforcement - then admin can’t ignore the issue anymore, like he continue to do with regular users disagreement.
So please, if any scripter reading that thread and post - could you live your opinions here? As it would have more weight for the admin compare to just users.
2 Likes
In principle, your idea is right, but for him this is a black-and-white issue: a technical, bureaucratic decision based on hard parameters. I don’t think your suggestion will change that rationale. I was once a contributor myself, maybe not to the level of a scripter, but still. I open-sourced the Handy firmware, helped bring IoT into toys in general, and enabled a network stack in Multifunplayer.
Even with pressure from one or several big players, it would take a lot to prompt a reconsideration. And it might not happen at all, because there is no real competition in this sector. It’s a challenge to build the infrastructure needed to support this kind of community.
Think of a prepper. For most “normal” people, it seems silly - or at least it did until COVID 
So yes, it makes sense to prepare a little… but you probably don’t need 10 guns, five years of non-perishable food, and a full trauma kit on hand.
He is right in the sense that it provides the community with more security for very edge-case scenarios, but it comes at the cost of added friction and personal liability.
For example: follow the instructions of theGoonitar on your laptop and travel to the Murica. If you’re unlucky, they may demand to inspect your phone and/or laptop - and yes, they can do that. Given the current administration, they might even invest in better training for immigration officers or have specialists on hand. Have fun explaining what that Login “discuss.eroscript.com” is for.
But even if you are having brains enough not to label the ident as such;
It’s a very bad idea to lock access to a porn website behind 2FA - especially with “convenient” passkeys, which can become very strong supporting evidence in court; we call it traceability and attribution. If you also have DMCA-infringing content on that same platform, you’re effectively creating a system that shifts liability onto the community. That’s exactly what he’s doing, knowingly or not. Now of course this is not everywhere enforced, and it’s also not doom and gloom right now.
But this creates the very system that facilitates this exactly, that we are slowly drifting towards.
ID for Social Media plays in the same direction. Slowly eroding our liberties and responsibilities, and most follow in because it’s sold as security and/or convenience.
I know of at least one Moroccan user on this platform, just for context. Much of what happens in this community is punishable in countries like that. This kind of enforcement exposes them further and makes prosecution easier.
That still won’t change his mind, because he’ll dismiss these as edge cases or tell me again; I don’t understand how 2FA works. Or i have it all wrong…
Meanwhile, the supporters of his store passwords in credential managers, debating 2FA with us, while session cookies are valid for 60 days 
I’m telling you, brother it’s useless to argue with him or them or make any more suggestions.
6 Likes
I’d say it’s useless now, until some big scripters go against it.
I was told there was some site changes in past, that huge part of scripters disagree with and admin revert it back. But as i understand it - there was another admin that past days. So maybe admin we have now way less into listening to community and way more into “i’m authority, i could force anything i want”, who knows.
But still worth a try, cause it’s unique community, so spoiling it with extra friction just to be able to use site - could have bad influence on the script numbers, etc.
And better speak loud and not just leave site…
4 Likes
Loli used to be banned so potentially this might get reversed? the backlash from the ban was bigger than the anti 2fa crowd but we are by no means small.
1 Like
The problem there is he agreed with both sides in some capacity. He disagreed with the content but he also disagreed with the censorship, so it was much easier for him to change sides and still be “right”.
Here, he’s clearly only on one side and has dug his heels in incredibly hard.
To be clear, I never changed my stance. I was always on the side of non-censorship. I’m indifferent to the content.
You didn’t change your stance, no. That’s kinda part of my point. You didn’t have to change your stance. Even if you were indifferent to the content, you had no horse in the race then for banning it, and you did have a horse in the race for non-censorship.
Either way, it doesn’t seem like at any point you were forced to do something because the community wanted it, even if you absolutely disagreed. You seem to have gone with things that you either didn’t care about or vehemently agreed with. That’s relevant to this conversation because you have dug your heels in and refused to see any viewpoints than your own. You talk about it like you’re totally willing to go against your own desires for the sake of the community, but then the example you provided does not show you doing that, and forced MFA certainly shows you not doing that.
I initially said no to muting the controversial tags by default because I strongly oppose censorship. The community convinced me with good arguments. Specifically they pointed out that users who reside in countries where some of that content is illegal could get in trouble for just visiting the site.
Make better arguments and I’ll change my mind. I’ve done it a few times in my life.
Hey, just wanted to chime in to say that I love the fact that 2FA has been added, and I wish more sites would do it