Why should usernames be unchangable?

Question

I read everywhere (and see in practice) that usernames should not be changeable. When I ask why, \'security\' is given as a reason.

I\'ve been searching for a definitive

Answer 1

A difficulty arises if users are allowed to switch to names that have been used in the past. If users are always identified using some identifier that will never change nor be reused, it may be possible to safely and sensibly use a username from a UI standpoint if all transactions record both the identity of the user performing the transaction and the username at the time the transaction was performed. In that case, something like a message-board post could be labeled "By: SuperCat (as Mighty Kitty)". Supercat would be the present username of the poster, and Mighty Kitty would be the username the poster had when the post was written.