There is always a risk that an individual Nostr private key become compromised.
If that were to happen, we are still fortunate that the thief cannot ban us from our account or prevent us from posting from our account.
If we implement a form of account protection that hasn't been thoroughly considered, we have to bear in mind the risk that we might end up in a worse situation where we could be locked out from our social media. Account security measures have to be considered very deep and hard.
Since notes are public, the main target area for theft is the account itself and our private messages. A separate password or passphrase to lock private messages would reduce that risk.
One solution to the risk of account theft is to create 1 or several Nostr backup accounts. Cheap and easy without relying on third parties or KYC. If the main account is compromised at a future point, those backup accounts would be the most authoritative on-Nostr channels for account verification. Creating and verifying those backup accounts before our account is compromised could be a good idea.
Leo Fernevak
npub1y0…zfvpl
2023-03-07 10:40:40
Author Public Key
npub1y02f89rpykzhqmrjjz99uwgyl9gh06sg0vpjmklu62rzxpx8mxps7zfvplPublished at
2023-03-07 10:40:40Event JSON
{
"id": "6d7b6cf3529e52b1b200444367b8f79313a77ff6951e964aeb5cb7a9120733eb",
"pubkey": "23d49394612585706c72908a5e3904f95177ea087b032ddbfcd2862304c7d983",
"created_at": 1678185640,
"kind": 1,
"tags": [],
"content": "There is always a risk that an individual Nostr private key become compromised.\n\nIf that were to happen, we are still fortunate that the thief cannot ban us from our account or prevent us from posting from our account.\n\nIf we implement a form of account protection that hasn't been thoroughly considered, we have to bear in mind the risk that we might end up in a worse situation where we could be locked out from our social media. Account security measures have to be considered very deep and hard.\n\nSince notes are public, the main target area for theft is the account itself and our private messages. A separate password or passphrase to lock private messages would reduce that risk.\n\nOne solution to the risk of account theft is to create 1 or several Nostr backup accounts. Cheap and easy without relying on third parties or KYC. If the main account is compromised at a future point, those backup accounts would be the most authoritative on-Nostr channels for account verification. Creating and verifying those backup accounts before our account is compromised could be a good idea.",
"sig": "9d07f53d68dd5d83351c8e235da473185dbc38fbfae2f35dfdf0d0d7d2355eb6df90980cb1e6ee4d7566c2e48dc5ba80deeee758fc0a9f57b8c09b8179af5d19"
}