WebOfTrust introduce decentralized identifiers (DID) in their DID primer as follows. At a superficial level, a DID is simply a new type of globally unique identifier. But at a deeper level, DIDs are the core component of an entirely new layer of decentralised digital identity and public key infrastructure (PKI) for the Internet. This decentralised public key infrastructure (DPKI) could have as much impact on global cybersecurity and cyberprivacy as the development of the SSL/TLS protocol for encrypted Web traffic (now the largest PKI in the world).
A DID is an address on the internet that someone called a subject (you, a company, a device) can "own" and control directly, like a username but randomly generated. It can be used to find a connected DID document which is like a business card, providing extra information for finding or contacting or checking the signatures of that subject; that subject can update or remove that listing over time, directly.
Strictly speaking, a DID is a string that functions as an address. Sometimes people might use the term to refer both to the DID and the DID Document, When you use a DID Method to resolve the DID you get the associated DID Document. A DID without a DID Document is like a dead end!