Removing projects & 2-factor auth

I have some projects on PyPI. I want to remove them in view of the EU’s Cyber Resilience Act and an
abundance of caution (see EU CRA) and the PSF’s statement “the authors of open-source components might bear legal and financial responsibility for the way their components are applied in someone else’s commercial product” (full text: PSF on CRA).

Unfortunately, the PyPI UI won’t let me do anything because I haven’t set up 2-factor authentication. I don’t want to set this up since I won’t be doing any more open source in view of the above. Is there any other way to get my projects deleted?

Enable the 2FA remove the projects then delete your PyPI account?

As I mentioned, I do not want to enable 2FA.

Enabling 2FA means I have to go through a process which I don’t want to go through.

I’ll ask the PyPI admins to close my a/c.

I set it up using a very simple Python script. TOTPs are a well-known standard.

1 Like

As I mentioned, I do not want to enable 2FA.

Enabling 2FA means I have to go through a process which I don’t want to go through.

I’ll ask the PyPI admins to close my a/c.

Just to be clear: instead of availing yourself of a self-serve to solution that will take 5 minutes of your time, you want to drag over-taxed PyPI maintainers through extra work (which will take who knows how long to get to or even be seen, by the way).

1 Like

For what it’s worth, I don’t dispute the mentality of “don’t force me to use a mobile phone”, and I utterly detest services that demand that. However, PyPI doesn’t. So I’m hoping this is just a misunderstanding about the nature of the 2FA that PyPI is demanding.

1 Like

Closing at request of author.