True, although this flow is arguably also available in normie land via passkeys (with a bit less portability but higher security compared to nsecs)
Logging into Nostr services is so wonderful. When I don’t have my password or my manager is acting up (happens often) on mobile, I just give up and wait until I’m on desktop again.
But I just did this with nostr:nprofile1qqsfnz2sqsflkatdssmeztxr90s8xrd7r07xkhfwaa6eu9zkcguljpgpvemhxue69uhkv6tvw3jhytnwdaehgu3wwa5kuef0dec82c33ws6hwcecdqenwatgddsh2wt5wdmnsvnndfuxuer3xq6xgvmw8pcrvve5w468qerxweengardx4ux6apjwdckw6ekv34k20mzwfhkzerrv9ehg0t5wf6k2qgswaehxw309ahx7um5wghxcctwvs4mlxg8 and remembered they had the “login with DM” and in a few seconds was in my account.
I love it. The key based web is gonna solve so many annoying fucking problems😭🙏🏻
I do have a question for nostr:nprofile1qqsglv2qkn5dmmuhee9cy8fywfu2rfp4xd3xy0myqg2gfvmjl9yqqrqpzemhxue69uhhyetvv9ujumn0wvh8xmmrd9skcqg0waehxw309ajjumn0wvhxcmmv34hcyf though, I don’t seem to have anyway to upload media on mobile. Is this my browser or is there something not showing right on the mobile version of the page? 🤔
Discussion
True, but the trade off is bigger there, imo. With the email login I still have to login to my email, which very often send me down the same circular shit with verifying another code somewhere else. And 90% of the time they add a captcha too. Not to mention email is often the most vulnerable and attacked service.
Whereas with Nostr keys they don’t have to care if my IP is different, and my Nostr client isn’t storing my keys on their servers to be hacked and compromise 10 million accounts at once, and my Nostr client experience is just faster and simpler than the alternatives I have with every legacy service.
I am implementing passkey support for a company and I can say it is significantly more convenient than the state of Nostr login, and the same if not more secure
Agreed, although a lot of that is companies just generally sucking at this kind of thing. We could theoretically just do straight passkey signup / signin without all the extra stuff. It's largely equivalent technology as I understand it