It's not a good idea just because the more secure options have shitty UX. It doesn't sacrifice some security. It sacrifices all security. You're at the mercy of whatever potentially shit tier app you're tossing your key into. Instead of one dedicated app or service, you make it all of them. Users would need to understand up front that they can lose their entire identity on Nostr if they lose that key. My probably unpopular opinion is that we shouldn't send anyone into the Nostr flow at all yet unless they are technical enough to grasp the dangers and how keys work. At least not if they plan on putting a lot of work into an npub without understanding key security. Social identity should be just as important as something like Bitcoin keys, in my opinion. I refuse to login to anything that doesn't use Amber at this point (using my primary identity). I prefer something totally offline, but Amber is the best I have found.