Nostr Web Client

Why do you need one password to authenticate with the server? A token sent via email with a 10 minutes expiration is fine. The signup can require only the email and validate the account at the first login (step that usually is necessary anyway).

hodlbod 1y ago

I was thinking to authenticate further sessions, but you're right, you could do the email login every time, that's fairly familiar.

Reply to this note

Please Login to reply.

Discussion

daniele 1y ago

And the average user has just one device, max two, and don't has any tool to aggressively clear cookies (= sessions), so the need to redo the login should be quite rare.