Your Keys, Your Identity
Learn how to generate, save, and protect your Nostr keys. The complete security guide for beginners. Follow the 3-2-1 backup rule.
Why This Matters
Unlike Twitter or Instagram, Nostr puts you in charge of your identity. There are no companies to ban you, no algorithms to suppress your content, and no customer service to lose your data. This freedom comes with responsibility—you own your keys, you control your account.
The good news? Securing your keys is straightforward. Follow this guide and you’ll be safer than 99% of users.
Understanding Keys (2 minutes)
Nostr uses cryptography to secure your identity. Don’t worry—you don’t need to understand the math. Just think of it like a lock and key system.
What Is a Key Pair?
Every Nostr user has two keys that work together:
Your Public Key (npub1…)
SAFE TO SHARE
npub1qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq
This is your username. Share it everywhere. Post it publicly. This is how people find you.
What you do with your npub:
- Share it on your website or other social profiles
- Give it to friends so they can follow you
- Post it publicly
- Include it in your email signature
Your Private Key (nsec1…)
NEVER SHARE - TOP SECRET
nsec1qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq
This is your password. Anyone with this can post as you. Lose it = lose your account forever.
Rules for your nsec:
- NEVER share it with anyone
- NEVER screenshot it (goes to cloud)
- NEVER save it in unencrypted notes
- NEVER paste it into random websites
- ALWAYS back it up securely (see below)
Why So Long?
Those strings look like gibberish because they’re cryptographic keys. Here’s why:
- 256-bit security: Makes it impossible to guess or crack
- Random generation: Even computers can’t predict it
- One-way math: You can’t figure out the private key from the public key
Think of it like this: There are more possible private keys than grains of sand on Earth. No one is guessing yours.
Generate Your Keys (3 minutes)
💡 Tip: While this key generator creates keys safely in your browser, you can also generate keys directly in most Nostr clients (like Damus, Amethyst, or Iris). Think of this tool as a “simulator” to practice with before using a real client.
Generate Your Nostr Keys
Create a secure key pair to access Nostr. Your keys are generated locally in your browser and never sent to any server.
Step-by-Step Instructions
- Click “Generate New Keys”
  - This creates a random key pair
  - Watch the animation to understand what’s happening
- Save Both Keys Immediately
  - Copy your npub (green) to a safe place
  - Copy your nsec (red) to a SECURE place
  - Do this NOW before doing anything else
- Verify You Saved Them
  - Close the generator
  - Reopen it
  - Can you still access your keys?
Example Format (Not Real Keys)
Below is what Nostr keys look like. These are examples only—not valid keys:
Example Public Key (npub) format:
npub1qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq
Example Private Key (nsec) format:
nsec1qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq
These are example formats only—not valid keys. Use the Key Generator above for real test keys.
The 3-2-1 Backup Rule (2 minutes)
This rule comes from professional data management. Follow it religiously.
Backup Your Keys
Before proceeding, complete this checklist to ensure your keys are safely backed up. This is critical - lost keys cannot be recovered.
Security Tips
- Never store your nsec in plain text files or screenshots
- Don't share your keys with anyone, including "support"
- Test your backup by restoring from it before deleting originals
- Consider a hardware wallet for maximum security
The Rule Explained
3 copies of your nsec
- One isn’t enough. Two is better. Three is safe.
- If one fails, you have two backups
2 different media types
- Digital: Password manager, encrypted file
- Physical: Paper written by hand, metal plate
- Why different types? Digital fails differently than physical
1 offsite location
- At least one copy should be somewhere else
- Cloud storage counts as offsite (if encrypted)
- Safe deposit box, trusted friend/family member
Backup Methods Ranked
BEST (Do This):
- ✅ Password manager (1Password, Bitwarden)
- ✅ Written on paper, stored in safe
- ✅ Encrypted USB drive in different location
GOOD:
- ✅ Encrypted cloud storage (iCloud/Google Drive with encryption)
- ✅ Metal seed plate (fireproof/waterproof)
NEVER DO:
- ❌ Screenshot on phone (syncs to cloud)
- ❌ Unencrypted notes app
- ❌ Email to yourself
- ❌ Text message
- ❌ Save in browser autocomplete
What Happens If You Lose Your Keys?
This is why the 3-2-1 backup rule matters.
Unlike centralized platforms, Nostr has no “forgot password” button and no customer support to recover your account. But don’t worry: following the simple backup steps in this guide will keep you safe.
Think of it like this: You wouldn’t carry your life savings as cash in your pocket. You’d keep most of it in a bank (multiple backups) and only carry what you need. Your nsec is similar—store it securely, not just on your phone.
Security Best Practices (2 minutes)
The DON’Ts (Learn from Others’ Mistakes)
DON’T Screenshot Your Keys
- Screenshots sync to cloud (iCloud, Google Photos)
- Cloud accounts get hacked
- Deleting the photo doesn’t remove it from backups
DON’T Save in Unencrypted Notes
- Apple Notes, Google Keep, etc. aren’t encrypted
- Anyone with your phone/computer can read them
- Syncs to cloud by default
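A way to check your own notes or exported files for a plaintext nsec before they sync anywhere, as an added example that is not part of the original guide. It uses the fact that npub/nsec strings are bech32 encodings (NIP-19) with a built-in checksum, so a real key can be told apart from a placeholder; the function names and the sample note are constructed for illustration.

```python
import re

CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"   # bech32 alphabet (BIP-173)
GEN = (0x3B6A57B2, 0x26508E6D, 0x1EA119FA, 0x3D4233DD, 0x2A1462B3)
KEY_RE = re.compile(r"\b(?:npub|nsec)1[%s]{58}\b" % CHARSET)

def _polymod(values):                   # bech32 checksum polynomial
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1FFFFFF) << 5) ^ v
        for i, g in enumerate(GEN):
            if (top >> i) & 1:
                chk ^= g
    return chk

def _expand(hrp):                       # prefix as it enters the checksum
    return [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]

def encode(hrp, raw):
    """Bech32-encode raw bytes; used here only to build constructed samples."""
    acc, bits, d = 0, 0, []
    for b in raw:                       # regroup 8-bit bytes into 5-bit values
        acc, bits = (acc << 8) | b, bits + 8
        while bits >= 5:
            bits -= 5
            d.append((acc >> bits) & 31)
    if bits:                            # zero-pad the final partial group
        d.append((acc << (5 - bits)) & 31)
    pm = _polymod(_expand(hrp) + d + [0] * 6) ^ 1
    d += [(pm >> 5 * (5 - i)) & 31 for i in range(6)]
    return hrp + "1" + "".join(CHARSET[v] for v in d)

def checksum_ok(key):
    """True if an npub/nsec-shaped string carries a valid bech32 checksum."""
    hrp, _, data = key.partition("1")
    return _polymod(_expand(hrp) + [CHARSET.index(c) for c in data]) == 1

def find_exposed_nsecs(text):
    """Return (line number, masked key) for every checksum-valid nsec in text."""
    return [(n, k[:8] + "...")          # mask the hit, never echo the secret
            for n, line in enumerate(text.splitlines(), 1)
            for k in KEY_RE.findall(line)
            if k.startswith("nsec") and checksum_ok(k)]

SAMPLE_NSEC = encode("nsec", bytes(range(1, 33)))    # constructed, not a real key
SAMPLE_NPUB = encode("npub", bytes(range(32, 64)))   # constructed
SAMPLE_NOTE = f"wifi: guest\nnostr login {SAMPLE_NSEC}\nfollow me: {SAMPLE_NPUB}\n"
print(find_exposed_nsecs(SAMPLE_NOTE))
```

Only the nsec on line 2 of the sample note is reported; the npub is ignored because it is safe to share, and placeholder strings with the wrong length or a bad checksum are not flagged.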
DON’T Share With Anyone
- Not your spouse
- Not your best friend
- Not “Nostr support” (there is no support)
- Not anyone, ever
The DOs (Best Practices)
DO Use a Password Manager
- 1Password, Bitwarden, KeePass
- Encrypted, backed up, accessible
- Generate strong passwords for clients too
DO Write on Paper
- Low-tech, highly reliable
- No batteries needed
- Store in a safe, lockbox, or hidden location
DO Use Nostr Signer Apps [ADVANCED]
- Apps like Amber (Android) store your keys securely
- Clients request signatures instead of storing keys
- Adds extra security layer
- Recommended for serious users
Common Mistakes (1 minute)
Horror Stories (Optional Reading)
These are real. Learn from them:
“I thought I backed it up”
“I saved my nsec in my password manager, but I forgot to sync it. Phone died. 2,000 followers gone. Had to start over.” — @nostruser123
“The screenshot that wasn’t deleted”
“I screenshotted my keys, then deleted the photo. Forgot about Recently Deleted folder. Someone restored it from my iCloud. Lost everything.” — Anonymous
“The ‘helpful’ stranger”
“Someone DM’d me offering to ‘verify my account.’ Asked for my nsec to ‘link it properly.’ I gave it to them. They stole my account and started posting scams.” — @learnedthehardway
Advanced: Real-World Cautionary Tales
While the 3-2-1 backup rule keeps you safe, here are real examples of what happened when people didn’t follow it:
Case Study 1: The Bitcoin Tips
A content creator received $50,000 worth of Bitcoin tips (zaps) over 6 months. Their phone was stolen—they had no backup. The tips were gone forever because the nsec was only on that device.
Case Study 2: The Influencer
A Nostr personality with 10,000 followers dropped their phone in a pool. No backup = starting from zero. Years of community building, lost.
Case Study 3: The Developer
A Nostr app developer with years of code contributions and technical discussions lost everything when their laptop crashed. No cloud backup, no second device, no recovery.
The common thread: All of these were preventable with a simple backup to a password manager or encrypted USB drive.
Questions? Check our FAQ for common concerns about keys and security.