The device IDs are generated based on the hardware IDs of the STM32 microcontroller and cannot be changed. Each ID is associated with an account with a public/private key pair along with access tokens. So by simply knowing someone’s device ID will not give you access to their Core.
We are currently thinking about using names instead/in-additon to the device IDs to make things easier.
Hope this helps!