Identity theft is a result of the domain-centric, disjointed architecture of the Web. The Web is unable to manage identity without a global namespace. This "each domain for themselves" model makes global security of identity impossible. The Mesh's cryptographic namespace, on the other hand, allows for the creation of unique keychains per person or non-person entity. Domains can lock their users accounts using unique keys stored on their keychains. Data breaches are symptoms that the domain-centric model of data security on the Web is flawed. The Web does not have built-in cryptographic protection at the entity or person level. Each domain must secure its own data. This approach increases the global surface of attack and places "domain insiders" in the middle, creating vulnerabilities and liabilities.