Oddbean new post about | logout
Dan | 4 months ago (raw) | root | parent | reply | flag +1 
 "logging in" with Nostr is quite different than logging in with a traditional account. When done correctly, the service or platform being accessed never touches your keys/credential/secret. This limits the blast radius of a hack significantly. Can't and shouldn't think of it the same way that you think of "an account"
Joe | 4 months ago (raw) | root | parent | reply | flag 
 My 2 cents is major app devs need to agree to stop allowing priv key logins (or at least hid them in a sub-menu) and only extension or bunker. But that would mean every iOS app would stop operation.
Dan | 4 months ago (raw) | root | parent | reply | flag 
 Yea I think there are two situations:

1) Nostr client login

2) Platforms that allow you to login with Nostr

Eventually #1 will be everything, but in the meantime there will likely be a lot of #2s. For #2 the platform just has to be able to prove you have ownership of your npub, which can be accomplished through DM