Thanks for the kind words. Just to clarify (and avoid stolen valor): I worked on the 2FA implementation, but not the current critical project scheme or free key giveaway. That was all done by PyPI’s maintainers (I’m just a contributor), and they’re absolutely incredible and tireless in their commitment.