Oddbean new post about | logout
 Because that’s how we have had accounts in the beginning, where nostr authentication was added later. This also serves as a second layer of protection if you lose your nsec or if it gets compromised. 🐶🐾🫡 
 Alright, so that's technical debt is what you're saying. 

Please consider changing this. I don't want to deal with my password manager in the nostr world. Password managers are a symptom of a broken system, and imho #nostr fixes this.  
 Use the other login option. Don't need a password. 
 That's not the issue. I want to upgrade to a premium account and I'm forced to set a password.  
 Ah, I see. Only on the new account creation. 
 nostr:nevent1qqs8gvwtpgctsntylhj3hvm5usrth4rla2ty0rcyuxxqdqxez6jwuaqpz3mhxue69uhkummnw3ezummcw3ezuer9wcpzqmjxss3dld622uu8q25gywum9qtg4w4cv4064jmg20xsac2aam5nqvzqqqqqqy3j6fu0 
 fight me 
https://image.nostr.build/08ecc6a54a8bbe2a92b0a5edba42d4434027ed3d5119ded186ff4f6895d9c6be.jpg 
 It’s not passwords, it’s “users”. You are not an owner, that’s why you have to register 
 Ya, na, PMs are a symptom of many systems. It is what it be. 
 We have key managers now. FIDO, passkeys, WenAuthn etc.

That's my world. 
 we have had EC PKI for over a decade now, it is time to move on, i agree

a keychain like this literally only has to be a few keys which you segregate for purposes or alts

there is already public registries of these keys but honestly the state of PKI is still pretty bad, and you would have to be silly to have me believe that pgp is fine, if it was then explain why it's becoming very common to use SSH for git repo auth?

i wouldn't say it's a symptom of a broken system so much as a failure of tech companies to care about security, which should be considered to be suspicious

that's worse than broken, that's corrupt 
 🏳️🏳️🏳️ .. you won, I surrender. 
 Es verdad - my bitwarden has 239 entries... 
 Ya, na, PMs are a symptom of many systems. It is what it be. 
 I actually have my account on a different npub and I don't always use my own computer, so I do use the password login. 
 we have had EC PKI for over a decade now, it is time to move on, i agree

a keychain like this literally only has to be a few keys which you segregate for purposes or alts

there is already public registries of these keys but honestly the state of PKI is still pretty bad, and you would have to be silly to have me believe that pgp is fine, if it was then explain why it's becoming very common to use SSH for git repo auth?

i wouldn't say it's a symptom of a broken system so much as a failure of tech companies to care about security, which should be considered to be suspicious

that's worse than broken, that's corrupt 
 🏳️🏳️🏳️ .. you won, I surrender.