--- url: 'https://www.corbado.com/glossary/decentralized-identifier' title: 'Decentralized Identifier (DID)' description: 'Learn what a Decentralized Identifier (DID) is, how it secures digital identity management, and why it matters for privacy and online trust.' lang: 'en' keywords: 'Decentralized Identifier' --- # Decentralized Identifier (DID) ## What is a Decentralized Identifier? A **Decentralized Identifier (DID)** is a unique [digital identity](https://www.corbado.com/blog/digital-identity-guide) managed by an individual or organization, independent of centralized registries or identity providers. Unlike traditional usernames or IDs controlled by external entities (like companies or [governments](https://www.corbado.com/passkeys-for-public-sector)), DIDs allow users to own, control, and manage their own digital identities securely. Key characteristics of [Decentralized Identifiers](https://www.corbado.com/blog/digital-identity-guide) include: - **Decentralization:** No central authority or single point of failure. - **Persistent and Resilient:** Remains stable over time, independent of any specific service or platform. - **Cryptographically Verifiable:** Enables secure verification of identity ownership using cryptographic methods. - **Privacy Preserving:** Users selectively disclose personal attributes, reducing unnecessary data exposure. DIDs are fundamental in systems like Self-Sovereign Identity (SSI), enabling secure authentication, credential sharing, and trust establishment without centralized databases or intermediaries. > **Key Takeaways:** > > - A **Decentralized Identifier (DID)** is a self-managed > [digital identity](https://www.corbado.com/blog/digital-identity-guide) that does not rely on centralized > providers. > - DIDs enhance [user privacy](https://www.corbado.com/faq/ensure-gdpr-compliance-with-passkeys), control, and > resilience through cryptographic verification and decentralization. > - They form the backbone of Self-Sovereign Identity (SSI) frameworks, enabling secure, > private digital interactions. --- ## Origin and Importance [Decentralized Identifiers](https://www.corbado.com/blog/digital-identity-guide) emerged as a response to growing concerns around privacy, data breaches, and [centralized identity](https://www.corbado.com/blog/digital-identity-guide) management. Traditional [digital identity](https://www.corbado.com/blog/digital-identity-guide) systems store sensitive user data in central databases, making them vulnerable to hacking, misuse, or loss of control. By contrast, DIDs provide a more secure, user-controlled alternative. ## How DIDs Work Each DID is typically represented as a string, similar to a URL. It points to a decentralized DID Document containing: - **Public Keys:** For cryptographic authentication and verification. - **Service Endpoints:** Locations where interactions or [identity verification](https://www.corbado.com/blog/digital-identity-guide) can occur. - **Authentication Methods:** Information on how users prove ownership of the DID. This DID Document is stored on decentralized networks or blockchains, ensuring no single authority can revoke or alter identity information without user consent. ## DID Methods and Standards Multiple DID methods exist, each utilizing different decentralized networks: - **did:web** – Managed via web domains, offering simplicity but moderate decentralization. - **did:key** – Based purely on cryptographic keys, with high decentralization and simplicity. - **did:ion** – Built on Bitcoin, providing strong decentralization and long-term persistence. - **did:ethr** – Utilizing Ethereum blockchain, widely adopted for secure identity management. The W3C DID standard ensures interoperability, defining core DID concepts, formats, and mechanisms for resolving and verifying DIDs across different platforms. ## Benefits and Applications [Decentralized Identifiers](https://www.corbado.com/blog/digital-identity-guide) are ideal for secure and private digital identity management in various scenarios, including: - **User Authentication:** Securely accessing applications without usernames/passwords. - **Credential Sharing:** [Verifiable Credentials](https://www.corbado.com/glossary/microcredentials) (VCs) allow selective, private sharing of identity attributes like age or qualifications. - **Supply Chain and IoT:** Securely identifying and authenticating physical assets and devices, improving supply chain security. - **Healthcare:** Safely managing sensitive medical records with full user control and minimal third-party exposure. ## Relation to Passkeys and Modern Authentication Decentralized Identifiers complement modern authentication methods like passkeys (FIDO2/WebAuthn) by offering secure, decentralized storage and management of digital identities. Combined, they create robust authentication solutions that enhance user control, reduce [phishing](https://www.corbado.com/glossary/phishing) risks, and strengthen privacy. ## Decentralized Identifier FAQs ### What is a Decentralized Identifier (DID)? A DID is a cryptographically secured, user-controlled digital identity that operates independently from [centralized identity](https://www.corbado.com/blog/digital-identity-guide) providers or databases. ### How do Decentralized Identifiers enhance privacy? DIDs allow users to manage their own identity data, selectively disclosing attributes only as needed, reducing reliance on third-party data storage. ### Where are Decentralized Identifiers stored? DIDs and their associated DID Documents are typically stored on decentralized networks or blockchains, ensuring resilience and decentralization. ### What standards govern Decentralized Identifiers? The W3C DID standard specifies formats, methods, and protocols, ensuring interoperability across various DID implementations and decentralized networks. ### Can Decentralized Identifiers be revoked or changed? Users maintain full control over their DIDs, including revocation or updates, without requiring permission from any external authority or central registry.