Replying to Avatar jb55

password managers generate a unique password for each website. this means if one of your passwords leaks it won't compromise any of your other website logins.

nostr-login is a regression: if you leak your nsec then they have access to every website that you've ever logged in to.

using your npub for logging into everything is a really bad idea security wise, please be conscious of this before implementing or pushing this as a login solution to websites which may contain sensitive information.
Avatar
BitcoinAddict 1y ago

The npub should only serve as something to identify you. To actually login you should sign a message with your private key. Some kind of extension perhaps.

Password managers also have a single point of failure which is the password to get in the manager.

Reply to this note

Please Login to reply.

Discussion

No replies yet.