Why don’t we have an option to do two factor authentication on Nostr?
Discussion
Don’t quote me on this, but I think it has to do with the idea that your private key (nsec) isn’t a password, but it literally is your account, as it’s the only way to sign an event. 2FA services use third-party authentication, which is centralized.
Tagging some devs to try to get a better answer.
nostr:npub1cmmswlckn82se7f2jeftl6ll4szlc6zzh8hrjyyfm9vm3t2afr7svqlr6f nostr:npub1l2vyh47mk2p0qlsku7hg0vn29faehy9hy34ygaclpn66ukqp3afqutajft nostr:npub1zfss807aer0j26mwp2la0ume0jqde3823rmu97ra6sgyyg956e0s6xw445
So if someone hacked the mobile app or server would they have control of our account? Or is it not stored after being authorized? Is there any recovery mechanism? Incase of account takeover?