using a third party application or website to do this is just not something your average person is going to do. the other stuff of nostr, things that are vastly websites, are barely used today. most people don't want to use extensions and signers. and many don't want to leave their current app. for example, people stopped using nostr nests because i required them to sign in to nostr. it was too difficult to use an extension or a bunker. many people just do not use them or understand them. that blew my mind. and that's experienced users! explaining this to new users when onboarding them is even worse! telling them about the other stuff and how they shouldn't enter their nsec, that they need a third party application, it's literally a death sentence. i see it in their faces. they think it's cool, but in practice, it's too new and too difficult. referring to a dedicated application as a profile manager application is a nice touch. it should manage the user's profile and the user's profile permissions to sign events. and from there the application should recommend other applications to use. but i'm telling you, telling someone to go download a profile manager to continue exploring the ecosystem is part of the issue we have today with extensions and bunkers.

Replies (3)

This is a real challenge. And there will always be ‘levels’ of users based on experience, comfort, and security. I would love to see a simple hardware token, such as Yubikey, support nsec via NFC. The masses are just now getting used to 2FA and a HW dongle would be user friendly.
People have gotten used to 2FA apps, password managers, hardware tokens and Passkeys; friction is always an issue, but I suppose they can also accept using a “profile center” if they are truly motivated by the quality and benefits of the services. It's not that different from Bitcoin, if you think about it. But you certainly have more experience than me at onboarding people, so I don't know what else to say, let's see how the situation evolves 🤞
That's a fair point that some people are already used to interacting with a secondary app for sign-in. Though, many people still get their MFA codes via SMS and for those that have migrated to other methods, copying some numbers and pasting them from an app that has all of your accounts is still very much different and much easier than a dedicated app for Nostr for signing a wide variety of transfers transactions. If it were as simple as MFA codes, you and I wouldn't be having this conversation. It's very similar to Bitcoin except people rarely send or sign a Bitcoin transaction. Most people just HODL. We're asking people to do this potentially 1000 times a day unless they go with the fully trusted method. While similar, it's still something most don't do. Remember, we're always preaching for people to remove their coins from exchanges because that's where many people keep them. I'm not saying I know best when it comes to users and what they want, I'm just speaking from experience onboarding and educating them over the last 3 years. I may not know best, but I have a good idea on their pain points and struggles and I have a good idea on what needs to be fixed and improved to alleviate those. My goal is to take these experiences and issues and turn them into people that are able to do what they do best. Solve complex problems. Then the feedback loop should continue and these solutions should be discussed to make sure that they're still not too complicated or going to cause more problems or not solve anything at all by pushing the issue into the next bottleneck.