Establishing a domain term like “username” is not simple. Taking Domain Driven Design seriously, we then need to make sure to end up with a meaning of the word that is both commonly accepted and precise. What we really are up to is to make “username” a part of the ubiquitous language talking about this system. There are several traps to avoid here, where three are extra risky.
The first trap is to become too techie – talking among the programmers, agreeing on some meaning, and settling for that. Problem is that the term never become ubiquitous, thus rendering it useless as soon as we want to communicate with people outside the tech clique.
Instead we need to involve all the people: programmers, DBAs, product owner, GUI designers, tech writers, and trainers. Why? Because we want (need) the same term being used with the same meaning in code, manual, training material, and GUI.
Second trap is to talk about usernames in general. It is completely fruitless and uninteresting to discuss the “true nature” of usernames or to find a definition that applies to a lot of systems.
Instead, what is useful for us is some definition of what a username is in this specific system. We should not pretend, not even strive for, that our definition of “username” will apply to some other system – our definition is bounded by the context of “this system at hand”.
Third trap is not being techie enough – settling for vague definitions. It is not enough to agree that the username is “some kind of identifier string”¨ - simply because that definition is not useful. What we need is something that can be turned into data structures, search schemes and validation code.
Instead, we need the courage to nail down a definition that is precise – and precise in the mathematical, logical sense. Here the bounded context comes to our help. The “weakness” that our definition only applies to our system turns into a strength; we can be very precise about our needs and need not take the rest of the world into account. Close each discussion with stating something along the line “so, in our system we define usernames to be strings of characters that are at least five characters long, maximum 25 chars, and consists solely of lowercase letters”.
So, if we end up with a definition of “username” that is shared and agreed ubiquitously among all involved, that applies specifically bounded to the context of our system, and that is so precise we can use it for coding – then we have established a term that has become a part of our ubiquitous language.
PS Of course, establishing ubiquitous, context-bounded, and precise definitions is crucial for security.