I just tell people..
Here’s a new internet. It doesn’t have a “login”
You use this little add-on app for your browser and it follows you around the internet so you never have to trust another server with your private key or login, or create another profile again.
Until your kid spills milk on your laptop?
Life happens... crazy things happen....right?
Boom, extention gone? Back to your nsec?
I think nsec login should be the standard baseline. This lets new people assume the risk while searching for a UI / features that fits them best thus allowing desktop/mobile and general nostr client switchablity to become easier, while not having much to lose being new. This also allows devs to make the safer "best practice option things like Amber, nsec.app, etc a subscription for the continual security they provide and earn some sats for their hard work.
I think we're trying to make nostrs "best practices" built in as standard, not paid for features and its hurting nostr growth and adoption. 🤷
I tried to self host nsec.app with no luck. I want to verify the code I’m running and what computer is running it.
If a dev has a bug in their app and you trusted them with your nsec.. If compromised, attackers could snatch your entire npub and act as you across the web
I don’t know how you backup your nsec, nor do I care to know tbh. I just know I take best practices by running my own instance of nostr:npub1wyuh3scfgzqmxn709a2fzuemps389rxnk7nfgege6s847zze3tuqfl87ez and nostr:npub1ye5ptcxfyyxl5vjvdjar2ua3f0hynkjzpx552mu5snj3qmx5pzjscpknpr even says on the page “don’t trust me with your nsec”
I know that for me I would rather take responsibility for the actions I take online at every step, best practice for that is not pasting a secret all over the place
