For you and others following. Common in early nostr apps. The web-extension spec is defined in https://github.com/nostr-protocol/nips/blob/master/07.md. Most apps check for window.nostr, then fail silently when it's missing or blocked. There are also some popular extensions in that list.

I am glad Zach posted here also, I think nostr devs need some reality pull from "non-crypto normies". To be clear it is (hopefully) becoming more common practice to use a nip-07 web-extension for signing (hardware or software) or other methods such as NIP-46. To be clear though, a user on nostr will HAVE to interact with cryptography in some way as every message on the network is signed.

Im working on https://github.com/VnUgE/NVault as an option for more paranoid users that want a self hosted networked approach. But there are others listed here https://github.com/nostr-protocol/nips/blob/master/07.md

Finally, I wholly dislike the practice of offering an option of entering an nsec. Use a signing extension!