Replying to Avatar Jingles

Hey. In my next version which is currently being review. It has a bit more explanations in the FAQ section.

I’m short, it’s pretty save in my opinion. Because it’s is encrypted twice with 2 different things.

You need to lose your secret key, and also the password. In order to lose your data.

Also, if the community and user base likes it, I have plan to include one time password, so you can encrypt and decrypt with google Authenticator (or equivalent).
Avatar
franzap 2y ago

Congrats Jingles! What would be awesome is the ability to derive passwords ala LNURL-Auth instead of storing them - reducing considerably the attack surface. But still use nostr for usernames and other metadata

Derivation could be a password that satisfies the most typical requirements such as 8+ characters, uppercase, symbols, etc

Reply to this note

Please Login to reply.

Discussion

Avatar
Jingles 2y ago

Mmm, that sounds 🤯

Keen to learn more and understand what you mean by using LNURL auth to derive passwords.