Requiring an extra signer app or extension is not much different from a service like Gmail requiring a two-factor authentication scheme when you create an account.
We should work to create a "pit of success" for users to fall into, and I'm concerned that raw nsec signing doesn't do that.
UX research and future development in the Nostr space could probably produce low-friction identity creation that guides users into creating an nsec and storing it securely in just a few clicks/taps. It's not an easy problem to solve, but could provide huge value to users.
I agree. More work is needed in this area.