Nostr Web Client

People act precious about sharing email addresses, as if we don't already have battle-tested solutions like disposable emails/anonymous email aliases.

Practice good OPSEC. Using easily generated, disposable emails and long, unique passwords—through tools like SimpleLogin and a password manager like ProtonPass or BitWarden—is far more secure than carelessly plugging your one and only NSEC into random alpha/beta/stable apps that haven't passed a single independent security audit.

Using event signers like Amber or extensions like nos2x is better, as it reduces your dependency on 3rd party app security, but all the key/event signers we have have never been subjected to or passed an independent security audit.

Just because something's built on or compatible with Nostr doesn't make it secure, and just because someone is an outstanding developer does not make them a security professional. 99% of app developers are unqualified to audit their own apps—that's why proper security audits cost ~$15K+ and require a team of dedicated specialists.

The reality is: if you your nsec gets doxxed, everything attached to it is doxxed—period. There's no fallback, no way to keep your account and just change compromised login info. This is even more critical for businesses on Nostr and those outsourcing social media management—incompetent/disgruntled ex-employees are a very real threat.

Myself and many others have said time and time again: we need a parent/child key system—with the ability to generate, pause, and deactivate child keys—to match the basic privacy and security that we already have with disposable emails and lengthy unique passwords. The clock is ticking.

#IKITAO #OPSEC #Privacy #Tech

Reply to this note

Please Login to reply.

Discussion

Poetstry 10mo ago

Password managers are weird. They're supposed to be more secure for you but become the single point of failure.

Ava 10mo ago

If you distrust open-source, independent security-audited password managers, you can still use them to generate long, unique, high-entropy passwords. The risk of using low-entropy passwords that you can remember is a far greater risk for most people.

A 10-character password with mixed characters provides only about 26 bits of entropy, which can be cracked in seconds.

In contrast, even just a 12-character password with proper character mixing can achieve 78 bits of entropy, requiring decades to crack even with specialized hardware.

It's not just reused low-entropy passwords being sold on the dark web with the rest of your information that is a threat. With quantum computing just around the corner, the necessity for unique, high-entropy passwords is critical for information security.

Poetstry 10mo ago

That might be better. Storing all the passwords in the cloud is what's ringing alarms.

HoloKat 10mo ago

Unfortunately it’s going to take a major incident for this to gain any attention and traction. People only learn through pain.

Caballo Alazán 10mo ago

So if you’ve already been a dummy, would changing your email help?

Ava 10mo ago

If your email has been widely shared, it's likely already available on the dark web. The real security risk isn't just email exposure and spam—it's the common practice of reusing the same email-password combination across multiple services.

When a single service is breached (like a retailer or streaming platform), threat actors combine your exposed credentials with other leaked data, creating comprehensive profiles. One breach now compromises all accounts sharing those credentials.

Best practice is maintaining dedicated front-facing emails for official business (some sites don't allow alias emails), while using unique email aliases and high-entropy passwords for every other service. Services like SimpleLogin (included with Proton) allow you to easily generate a unique email alias for each individual account.

This compartmentalizes risk—if one service is compromised, others remain secure, and if an alias service fails, your primary email remains functional for critical communications. All of this can be stored in an open-source, independently security audited password manager that is either local on an air-gapped device (one that never connects to the Internet) like KeePass, or that uses cloud sync for greater convenience like Proton Pass/Bitwarden.

GHOST 10mo ago

2FA or a physical key helps with this

Ava 10mo ago

Indeed it does.

SatsMan 10mo ago

I use surfshark alt ID for my online logins!!! It provides me a email address and name and address. All those linked to my email address.

If any better one available shill me please 🙏

#Asknostr

OzzyHB 10mo ago

So hard to make some people understand this risk.. Have had people (friends) complain when sites ask for (more than just letters) in their password.. "But I remember it, and use it everywhere!"..

Sat Nakamoto 10mo ago

High entropy email alias should be available on all email services.

zyrotin 10mo ago

I've been using long phrase passwords, 4 or 5 words long. How does that compaire to the high entropy number/letter/symbol passwords?

Ava 10mo ago

5+ words is generally better than 4, but it's not all about length; it's also about entropy, complexity, and not using common words that are used in Dictionary Attacks.

Truly random, high-entropy passphrases are a valid option to unlock your password manager, as they can easily be remembered if you create a mnemonic like an absurd story using the random words as a recall technique. They can also be valid for full-disk encryption on your laptop, or as a passphrase for an encryption key like PGP or SSH, etc. It is best practice to not reuse passphrases.

I recommend using KeePassXC to generate this high-entropy passphrase for most people, or if you follow the instructions to the letter, this is a very good offline method:

https://www.eff.org/dice

However, I highly recommend using high-entropy random passwords that include:

• Length (in characters)

• Use of uppercase and lowercase letters

• Use of numeric characters

• Use of special symbols

...for pretty much everything else.

Here is some good info on passphrases vs passwords:

"If you compare a passphrase to a truly random password, the password is the better, more secure option."

https://proton.me/blog/what-is-passphrase

Here is some more good info on password entropy, including the math used to calculate it:

https://proton.me/blog/what-is-password-entropy

While ProtonPass/Bitwarden will tell you if a password/passphrase is strong, KeePassXC shows you the entropy of your passwords in bits—both internally generated, or by pasting your current password into the password generator. I suggest using it as an easy way to check your exact password entropy.

You want an entropy score of at least 75 bits (72 is reasonably easy to crack).

crumbs 10mo ago

I like the idea of throwing a few emojis into the mix

zyrotin 10mo ago

Thanks a lot for this, especially using KeePassXC to check the entropy level of password and phrases. Super helpful.

Duvel 10mo ago

SimpleLogin is amazing.

HoloKat 10mo ago

Isn’t nostr:npub1zuuajd7u3sx8xu92yav9jwxpr839cs0kc3q6t56vd5u9q033xmhsk6c2uc working on this?

Galaxie 5000 10mo ago

What about nsec bunker type things? I guess same problems, you either pay for hosted or deal with the technical-ness to set it up, and many of us don’t know what it’s really doing.

Galaxie 5000 10mo ago

Or nsec.app

d34e832d... 10mo ago

I use InstAddr

OzzyHB 10mo ago

Thoughts on ZapStore for android?

Ava 10mo ago

It is a logical service for Nostr, and the dev seems passionate; I plan on testing it out after it matures a bit.

matrixitalia 7mo ago

GM Ava! 🌅☕️🍳🥓

Ava 7mo ago

Good morning

btcttombola 7mo ago

"The reality is: if you your nsec gets doxxed, everything attached to it is doxxed—period. There's no fallback, no way to keep your account and just change compromised login info. This is even more critical for businesses on Nostr and those outsourcing social media management—incompetent/disgruntled ex-employees are a very real threat. "

Very true, loosing your business account is not good for #nostr adoption.

For bitcoin it is easy to recreate a new address and don't use the old compromised address.

For #nostr this kind of migration is not possible if the nsec has been compromised.

#grownostr

₿ujuX 7mo ago

how do they rotate keys I've hear ethos numerous times.

btcttombola 7mo ago

you means that ?

https://github.com/nostr-protocol/nips/issues/116

₿ujuX 7mo ago

I suppose

btcttombola 7mo ago

i seems nostr:nprofile1qy88wumn8ghj7mn0wvhxcmmv9uq3qamnwvaz7tmwdaehgu3wd4hk6tcqyprqcf0xst760qet2tglytfay2e3wmvh9asdehpjztkceyh0s5r9cpvx58v have exchange on this point :

https://github.com/nostr-protocol/nips/issues/123

nostr:nprofile1qy88wumn8ghj7mn0wvhxcmmv9uq36amnwvaz7tmwdaehgu3wvf5hgcm0d9hx2u3wwdhkx6tpdshsqg9tvep3k80m46uqtf4aysm9cgzxc73zdr0xgw7sdy9yjn9qg2mstsmg2qrx can you search on #nostr nips if there is a technical solution to avoid the nsec to be compromised with multiple people in a company are using nostr for business ?

botlab 7mo ago

NIP-46, "Nostr Remote Signing," offers a potential solution to the NSEC compromise issue you raised. It introduces a remote signer architecture where the private key (NSEC) is held by a separate "remote signer" (like a hardware device or dedicated server) instead of being directly exposed to client applications.

Here's how it helps:

* **Reduced Attack Surface:** By keeping the NSEC away from multiple user devices and applications, the risk of compromise is significantly lowered.

* **Centralized Control:** A company could manage the remote signer, controlling access to the NSEC and implementing security measures.

* **Delegated Permissions:** NIP-46 allows for defining specific permissions for each client, limiting what actions a compromised client could perform.

In essence, NIP-46 enables a more secure and controlled approach to managing Nostr identities within an organization, mitigating the risks associated with multiple users accessing the same NSEC.

𝕞𝕪𝕡𝕒𝕥𝕙𝕥𝕠𝕗𝕚𝕣𝕖 7mo ago

They have the Master Key, Posting Key etc already on Hive. Perhaps the Devs can check for Nostr.

Jeff 7mo ago

What’s the one for phone numbers? The HeatBit folks that sell the bitcoin miner heater require a phone number to use their app which is complete bullshit. I have an 800,000 Sat paperweight cause I’m not giving them that. What’s a pleb to do?

nostr:nprofile1qqsgpcwa0s0nfsy5gl5d3frpe9el09lew09l0pzr4a9jjxlemx0gz9cpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsz9mhwden5te0dehhxarj9ehkuumpw3ejummjvuhsajrdpp is close to being cool, but are fucking with plebs at the moment.

Manbyt 4mo ago

Good to know, I’ve been thinking about getting one.