
homakov, a lot of work needs to be done:

TLDR. Your technical writing is bad and it is putting lots of people off.

1. Learn to write arguments properly. Your claims are outright wrong and ridiculous. You provided no strong evidence, thus just reading your blog post put off lots of people.

Examples:

"It is production-ready to be used by four Billion people by tomorrow morning" -> no, it is not. You are underestimating the time complexity of integrating your project with existing apps. Show me how many people are using SecureLogin 24 hours from now? By the way "tomorrow morning" without an exact date is vague.

"terrible usability. First one offers you to write down backup codes on a paper (which I never did)" -> using your personal anecdote as evidence is not strong unless you show me statistics of how many people wrote down backup codes (I did).

2. Learn to write protocol documentation properly. At least include a figure of the protocol flow and a pointer to your code location. No matter how interesting your concept is, many people will be put off digging through your GitHub project to understand the protocol. Not everyone is familiar with JavaScript.



Other blog entries suffer from the same thing, for example https://sakurity.com/blog/2017/04/24/owasp.html


Oh god, there are so many things in that post which make me sad.

> Unfortunately OWASP is out of touch with reality. First Top10 was released in 2003 and back then the web was a mess. CSRF? Everywhere. XSS? Give me a minute. SQL injection? Just try another parameter.

This is idealistic to say the least. Those things are still very much issues, and sadly are likely to continue to be for some time.


Regarding 1): why do I need statistics for such self-evident things? How on Earth can writing down secret codes be called convenient? No one has said yet "wait a second, I actually love all this hassle".

> You are underestimating the time complexity of integrating your project with existing apps

This is not a relevant blocker for being production-ready: websites _can_ read the docs and use it. The server could go down (valid blocker), but not that.



