@TheRenaissanceMan

Security concern & improvement.

We recently witnessed a community member who has been around for years get scammed. Seeing this, what might happen to the large number of newcomers soon is scary, not regarding scams like those but the overall security. New users are highly exposed due to the security gap the ecosystem has by design (plain-text seed stored in local storage, with apps requesting even unlimited permission) and mainly the lack of user awareness about it.

I don't think there will be any quick fix regarding seed storage in the browser, but user awareness can easily be improved. The only good way to do it is to make some modifications to the identity login flow, since every user will go through it.

In the identity login flow, there should be a dedicated page to inform users of security measures, such as the risk of malicious browser extensions, the risk of giving permissions to untrusted apps, and a link to where they can control all their authorized derived keys to revoke access, etc. The requested permissions list should also appear in a detailed view, with high-level permission requests clearly marked.

The current login flow of Identity doesn't sufficiently inform new users of the risks they are facing, and that needs to be fixed. Soon we will see numerous malicious extensions & apps. Without proper user awareness, we will see a disaster.

@mossified @nader


Gotchu with WrestleMania 41! Let's see if Iyosky vs. Bianca Belair gets predictions matched! Wrestling community is mad hot right now, can't wait for the big stuff happening soon! ✊
