{"type":"rich","version":"1.0","title":"tonyacid25 wrote","author_name":"tonyacid25 (npub1y4…698kc)","author_url":"https://yabu.me/npub1y4ttdlnejxnn69f07wkssnh9j8wt34pjvc3w4j07rgz0lfaylavq0698kc","provider_name":"njump","provider_url":"https://yabu.me","html":"thank you, but I have a concern with this solution. \none string like nsec is prone to be pasted accidently into a text field of another app that immediately sends it to a server before hitting a  \"submit\" button. At that point you loose your nostr identity... huge security risk imho. \nAnd if we aim to onboard another billion users to nostr, we can't expect people would be careful enough and take appropriate measures. \nI agree external signer creates additional layer of complexity. So, I wonder if a \"middle ground\" solution could be applied. \nOne thing that comes into my mind would be at least splitting nsec into two parts on UI level (aka login and password). So if you paste this accidentally into wrong text field, you don't loose your identity. \nDon't you think single nsec string imposes such security risk?  \n\n"}