Oddbean new post about | logout
inpc | 4 months ago (raw) | root | parent | reply | flag +2 
 Yeah I’ve not been comfortable with the idea of a single account for all the web, no matter how convenient. One service gets hacked and bang goes all that data
Karnage | 4 months ago (raw) | root | parent | reply | flag 
 If we had good multi-key management, this wouldn’t be as big of an issue because you could just swap keys on different services. I guess nsec.app already makes this somewhat easy to do, if more clients supported it
Dan | 4 months ago (raw) | root | parent | reply | flag +1 
 "logging in" with Nostr is quite different than logging in with a traditional account. When done correctly, the service or platform being accessed never touches your keys/credential/secret. This limits the blast radius of a hack significantly. Can't and shouldn't think of it the same way that you think of "an account"
Joe | 4 months ago (raw) | root | parent | reply | flag 
 My 2 cents is major app devs need to agree to stop allowing priv key logins (or at least hid them in a sub-menu) and only extension or bunker. But that would mean every iOS app would stop operation.
Dan | 4 months ago (raw) | root | parent | reply | flag 
 Yea I think there are two situations:

1) Nostr client login

2) Platforms that allow you to login with Nostr

Eventually #1 will be everything, but in the meantime there will likely be a lot of #2s. For #2 the platform just has to be able to prove you have ownership of your npub, which can be accomplished through DM