The current consensus seems to be pushing towards an alby login. But with things like nsecbunker we could see some changes. I haven’t heard anyone defend nsec login input yet.
This is an ongoing topic of discussion.
I've been continuing to mull over the sign-in flow for Nostr apps. It seems more complex than the legacy system because of the need to account for more than one method of authentication: extension, public/private keys, nostr connect.
https://void.cat/d/YFiXaAVnb54ifi9FKmtsui.webp
Even if one method becomes standard in the future, I think there's still a question of how to accommodate users who continue using older methods. Examples and more thoughts in thread 🧵. cc nostr:npub1r0rs5q2gk0e3dk3nlc7gnu378ec6cnlenqp8a3cjhyzu6f8k5sgs4sq9ac / nostr:npub1x6gxrjdpacjc62x3y0e4lyfedzyy65kyj29t0026g4z0el2g70esc0rtxj
Tags: #ux #design
Discussion
On nsec login, although definitely not ideal, I wrote up a case for accomodating it at least in the short term.
I agree. Various users will have different risk tolerances and it’s ok if they screw up and leak key. At least in the short term until we have better solutions. Perhaps we could emphasize extensions but offer a nsec login option tucked away, explaining the risks.
Hopefully nsecbunker and things that follow it solve the issue.
I think most users won’t bother with mobile logins at all. I don’t even bother myself 🤷‍♂️ and that’s a lot of people who will never experience nostr on mobile.