Entering your key into a website makes you vulnerable to XSS (cross site scripting) events. Using Alby or nos2x is safer. It's like a Bitcoin wallet / signing device.
Discussion
I still don’t understand why. Seems like I wouldn’t ever want to enter my private key for any reason other than it’s primary purpose
That is the primary purpose though. To sign transactions. Not your keys, not your notes. If you feel safe doing that, that's on you. I'm just trying to give what's seen as best practice for your security. People have already lost their keys in XSS events in some clients.
its primary purpose is authorize anything you do. clients ask for it so the client can log you in and allow you to follow accts (pubkeys), make posts, DMs etc.
personally i use nos2x, something similar to the nostr alby extension abilities.
nos2x was made by #[2] the dude who created the nostr protocol