I was speculating about a key rotation for a security breach, or because the user lost the private key. In these cases you *want* to create a easy way to connect the two accounts and promote the last one as official.

About your idea of using a nip-05 address to login: you could add to the json a new field "encrypted_key" and there store the nsec protected by a password using a widely used algorithm. This way, you can bootstrap your account starting with a new device, just fetching the nip-05 data and decrypting the nsec with a memorized password.