Digital identity is central to all electronic transactions. Prevention of credential misuse is the first responsibility of identity management professionals today. Proper identity management includes identity vetting, issuance of credentials, risk-appropriate authentication and authorization, auditing, and more. Regulations such as GDPR also mandate that identity management systems must work to preserve the privacy of users. This session will explore contemporary means of protecting identities to lower cyber risk while safeguarding the privacy of users.