Okay, that is clear to me. Overall, that's a bigger security issue innit? All the power is focused on one single key instead of distributing it across different auth methods. Am I missing something?

Replies (2)

Well, if a person can't take responsibility for a private key then I don't know. However, nobody can sign anything without your key. 2FA is useless if a site or database gets compromised. I think 2FA has been obsolete since 2015, at the latest since web3 signers became a thing around 2018 (MetaMask etc.). Nostr authentication is no different.
I agree. Overall the issue is always there though: one single piece of information controls everything else.