this post was submitted on 26 Feb 2026
27 points (100.0% liked)

Fediverse

40571 readers
828 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, Mbin, etc).

If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration)

founded 2 years ago
MODERATORS
ruud@lemmy.world
Xylinna@lemmy.world
MrCenny@lemmy.world
TragicNotCute@lemmy.world
automodbeta@lemmy.world
woelkchen@lemmy.world
27
How could online identity work without permanent usernames or unrecoverable accounts? (lemmy.world)
submitted 20 hours ago by Coleman@lemmy.world to c/fediverse@lemmy.world
5 comments fedilink hide all child comments
 

Most major platforms still rely on a very old identity model: one username, tied to one email, tied to one permanent account. Once something goes wrong — lost email, deleted account, forgotten recovery info — the identity is gone forever, even if the user wants to return.

Examples many people run into:

Deleted Reddit accounts permanently lock the username, even if the user returns years later.

Facebook accounts can’t be recreated once deleted, and recovery depends entirely on old email/phone access.

Steam accounts are tied to payment methods or emails people may no longer have.

Many services keep usernames in a permanent record even after deletion.

This creates a strange kind of digital permanence: you can delete an account, but you can’t delete the identity attached to it.

So I’m wondering:

Could online identity work without permanent usernames at all?

Could identity be modular or replaceable instead of tied to a single handle?

Would hardware keys, biometrics, or wallet‑stored codes solve the “lost email = lost account forever” problem?

Why do so many platforms treat usernames as permanent even after deletion?

Is this a technical limitation, a policy choice, or just legacy design?

Could federated systems eventually support more flexible identity models?

I’m curious how others think online identity should work, especially in a world where people change emails, lose access, or want to return to a platform without being locked out of their own name forever.

you are viewing a single comment's thread
view the rest of the comments
[–] JayleneSlide@lemmy.world 5 points 20 hours ago (1 children)

If I'm reading you correctly, this is what Decentralized ID (https://en.wikipedia.org/wiki/Decentralized_identifier) aims to resolve, not just for social accounts. I wrote the initial DID implementation for my previous employer, but FIs, especially credit unions (our primary customers) were still a ways off from implementing it.

My familiarity with ATProto (https://en.wikipedia.org/wiki/AT_Protocol) is extremely shallow, but as I understand it, ATProto can use DID. Hopefully someone else will come along and provide more info or correct my error.

[–] muntedcrocodile@hilariouschaos.com 4 points 19 hours ago

Atproto accepts 2 forms of did did:web (their own special snowflake identity system with trusted servers managing it so its not trustless) and did:pgp which is just pgp keys. Any identity system requires a source of truth in a cryptographic system that's the private key generated from a seed phrase (essentially same as a password) the source of truth is ur memory. The other source of proof is biometrics. Any system must come down to one of those 2 things.