Was not aware of this. What’s the best way to undo?
Sign out of all web clients, clear browser cookies and cache?
Thanks for the info 🤝
Hey! Are you a new Nostrich? Are you practicing safe nsecs?
https://void.cat/d/Ujcm7u44K6uqrcT2K5YGaK.webp
You should never enter your nostr private key (nsec) into web clients. Think of this as your password, but you can't change it, and it's used to post all of your events and notes on nostr. It's very important. You need to keep it safe!
So, if you're using a web client such as snort, primal, coracle, satellite, or iris etc., you should not be entering in your nsec private key into these websites. It's just good security practice! Some web clients won't even function or allow you to sign into them unless you're using a Nostr extension (sometimes referred to as NIP-07).
To help you and your private key stay safe, you may use a web browser extension to hold your key for you and sign your events and notes on nostr on your behalf. The two most popular ones are nos2x and Alby. Nos2x was developed by nostr:npub180cvv07tjdrrgpa0j7j7tmnyl2yr6yr7l8j4s3evf6u64th6gkwsyjh6w6 and is very basic, but to the point. nostr:npub1getal6ykt05fsz5nqu4uld09nfj3y3qxmv8crys4aeut53unfvlqr80nfm has some nice additional features included, such as a being a Lightning wallet, giving you a Lightning address, and a Nostr address.
I personally use them both for different situations. On desktop, I use Alby. On my Android phone with the Kiwi browser, I use nos2x.
If you have questions, do not be afraid to ask! 🤙
Discussion
Eu também quero aprender mais sobre ✌️
sure. see my response to the original question. if you have any other questions let me know.
if you entered your private key into a website, most likely that private key is stored in your browser cache. nuking it all would be all you would need to do. you'd most likely be safe then once you started using an extension.
that said, last December nostr had a bunch of cross site scripting attacks on a popular client at the time. those keys were considered burned and many people abandoned those keys for new ones.
i personally don't think you'd have that problem today with any of the popular clients though. i just wanted you to be aware of it.