Most people treat identity as a service someone else runs for them:
Google handles your email, Facebook holds your social graph, Apple stores your keys.
Lose access and you lose yourself online.
Digital sovereignty means running your own identity stack — or at least knowing how you could.
Start With Your Name
Own a domain.
- One that points to you, not a platform
- Used for email and logins
- Portable across providers when you migrate
A rented username isn’t sovereignty.
Control Your Keys
Two-factor and password managers are part of the stack:
- Use a password manager you control (local or cloud, but exportable)
- Store recovery codes offline
- Keep hardware keys (FIDO/WebAuthn) where you decide
Your identity shouldn’t depend on an app store’s mood.
Decentralised Authentication
Protocols like IndieAuth, WebAuthn and DIDs (decentralised identifiers) are early but promising:
- Prove “you are you” without a single corporate gatekeeper
- Work across multiple services
- Reduce tracking by breaking centralised logins
You don’t have to run them now, but you should know they exist.
Segmentation and Redundancy
Don’t tie everything to one account:
- Separate personal, work, and admin identities
- Keep at least one fallback email address outside your main provider
- Test recovery — can you log in if your primary service locks you out?
Redundancy applies to identity like any other critical system.
Document the Stack
Write down:
- Where your domains are registered
- Where your keys live
- How to recover accounts if you’re locked out
Future you will need this when you’re tired or panicked.
Agency Over Convenience
A personal identity stack is extra work, but it’s leverage.
When platforms shift terms or vanish, you still exist online on your terms.
That’s sovereignty worth building.