because it's a flow people are much more familiar with than keys and we can use NIP-46 to delay the introduction of keys
Discussion
Sounds more complicated, TBH. So a user signs up with email & pass and can use Nosta to set up their profile. Then they want to use Snort, how do they log in?
I am not sure it is easier to explain this stuff further down the road to users. My guess is they will just stick with email & pass if it's convenient.
They authorize Snort just like they use most OAuth flows (“do you allow this app to connect to your nostr account?”)