One thing I don't like about #selfsovereignidentity is that if you lose access to your private key you are usually out of luck. The same problem exists with #twofactorauthenticaton. I've lost access to my email and github accounts because of this before. I'm not saying they're "bad" it's just an unfortunate tradeoff sometimes.