Hacker News

Yubikey support is coming soon to users and is being internally tested on staff right now.

Also, I'm not sure what's given you the impression that there has been any push-back on the feature?




The aforementioned feedback, that had close to 250 upvotes and stayed active for 3-4 years, actually never got a reply from Discord. It's in the 90 most upvoted stories, and in the 50 most commented stories of all time under Account & Server Management. And overall, only 15 of the 120 most upvoted stories on this board got a reply from Discord (including the 8 that were completed).

(the top story is even funnier, as Discord didn't even reply to it, but comments were closed because there were too many.)

When the board about yubikey was the most active, Discord maybe somehow replied to it by doing the opposite. Instead of increasing their security as users asked, they decided they would fancy lowering it and introduced QR codes, because services are no fun if they don't experience a wave of hacks.

And now, they're not referring to anything from the past, but are cluelessly posting generic talk and external links on a blog post.

Also, as throwaway1777 mentioned, hardware tokens for staff is definitely something that had to be done before the second half of the last decade. It's the standard in any company I work with nowadays.

So, IMO, OP's blog post doesn't show how Discord is being innovative, it's just a statement of "sorry, we're catching up on security" and "was this a topic before?"

Thanks for the reply, anyway.


Not replying to something isn't pushing back. Chances are this one feedback post item got lost in the sea of them. If it's any consolation I'll reply to this feedback post saying it's planned and in progress.

As for the QR code login, I built that feature. Although it does offer a venue for social engineering, we've done a lot since launch to ensure people understand that they're logging into a new device using it. From day 1, it's always included red text that said roughly "you're logging into a new device using this" and to "not scan codes that random people have sent you." Of course, some people don't really read. That being said, millions of users every week use the QR code login legitimately, and it's a feature that most other chat platforms offer. It's also very very beneficial when you're using a shared device (i.e. you live in South Korea and visit PC bangs often.)

As well, you'd be surprised, webauthn adoption within companies is not nearly as ubiquitous as you'd think. Shipping out yubikeys around the world during a pandemic was a gargantuan task. Either way, any post advocating for more broad adoption of webauthn and also showing success does the industry as a whole good.


We are getting a lot of problems when we use Mnesia, and the same thing happened to you in the past. Just tell me, when are you going to open source your replicated ETS?


It's being tested internally _after_ having been rolled out to the whole staff?


It’s hard to test yubikey support without a yubikey…


You need all ~900 employees to 'test' YubiKeys, apparently. Do enlighten me about the value in that.



