It's the "why" and the "how". Telling people why "Log in with Facebook/Google/Apple" is a problem is one thing, then convincing them that nsec's are the solution, with how to create and safely store and use them, is another. Most people simply do not care to go so far to protect their identity at the cost of convenience. Email and password makes sense, Apple ID makes sense, and is part of their flow already - nsec's are not.

The integration of nsec's into everyday usful apps must come first, in a way that is somewhat transparent to begin with. Then normalise the storing, securing, and utilising. But expecting users to 1) care and 2) put up with additional effort if they don't - good luck.