I can understand why the first example is burdensome and don't have any quarrel with it but I can't help but lack sympathy for the second example. If your barrier as a developer is setting up 2FA I can't help but doubt you ever cared much about supporting Firefox anyway. This is like a taxi driver complaining about needing to have proof of insurance and a driver's license.
I'm just an old-fashioned programmer, I don't think I should have to register with an authority and submit all of my code to them just to be able to run something I've written for myself on my own computer.
I think mail confirmation or yubikey is fine but I never understood why I need an app on my phone for authentication. What if I lose the phone? How would I get my account back?
Tried some authenticator app on the desktop once also and got locked out of my account after that because my computer crashed and I had to reinstall it. Never again.
i very much care about supporting firefox users. for example, i maintain a separate, mozilla-signed, manifest v2 version of an extension i made [0] just so firefox users can keep using it. i do so even though this compromises my own ideals about not wanting to use 2FA out of principle.
