Please sign up/in with Nostr on the website. I know, I know, you wouldn't like someone just putting their nsec on the website but what if you only allow signing in/up with extensions? And if it's possible with Amber as well.
Discussion
So far, the number of Rizful users who have contacted us and said "I've lost access to my Rizful node or vault, can you help me get back in?".... is zero. ZERO.
Why? Because to make a Rizful account, you need to provide an email address, and confirm that email address.
If we start allowing nostr-only sign-in, without an email backup, this number will start going up fast, and we won't be able to help these users, because all we have is their nostr public key.
I just don't understand how you can offer something that can store real funds and NOT provide some way to "recover" access.... an email address is a very useful and well-established way to allow someone to reset their password....
But even with email people can lose their funds if they have setup 2FA and lost the OTPs and recovery codes. I think that you even said on the website that if you lose the 2FA device and recovery codes you lose the account and funds. And you even encourage to use 2FA and as you said, no one has asked for help to get access.
So I politely disagree, I don't think is valid reason to not allow signing up with a nostr extension.