UUID Generator
Generate random UUID v4 identifiers instantly. Cryptographically secure, browser-based, and free.
UUID v4 uses 122 random bits for virtually collision-free unique identifiers.
Generate one identifier for a record, or create a batch for fixtures, migrations, and API examples.
Standard format
Use hyphenated lowercase UUIDs for most APIs and databases: 8-4-4-4-12 hex characters.
Bulk batches
Batch generation is useful for seed data, test fixtures, and spreadsheet imports where every row needs its own identifier.
Security boundary
UUIDs identify resources. Use a separate cryptographic token for passwords, API keys, sessions, and one-time links.
Database note
PostgreSQL has a native UUID column type. Storing UUIDs as text works, but it uses more space and compares more slowly.
What Is a UUID and When Should You Use One?
A UUID (Universally Unique Identifier) is a 128-bit number formatted as 32 hexadecimal digits in five groups: 550e8400-e29b-41d4-a716-446655440000. The key property: any two UUIDs generated anywhere in the world at any time are virtually guaranteed to be different. No coordination needed.
A v4 UUID has 122 random bits (version and variant bits are fixed), giving 2122 possible values — roughly 5.3 × 1036. You would need to generate about 103 trillion UUIDs before the probability of any collision reaches one in a billion. That is why databases, distributed systems, and APIs use them as primary keys without central coordination.
This generator creates v4 UUIDs (random), the most common type. Each one is generated using your browser's cryptographic random number generator, so they're suitable for production use. Generate one or many, copy, and paste into your code.
UUID Versions Compared
| Version | Based On | When to Use |
|---|---|---|
| v1 | Timestamp + MAC address | When you need time-ordering and traceability (leaks MAC address) |
| v3 | MD5 hash of namespace + name | Deterministic IDs from known input (use v5 instead, MD5 is weak) |
| v4 | Random numbers | General purpose, most common. This is what this tool generates |
| v5 | SHA-1 hash of namespace + name | Deterministic IDs where same input always gives same UUID |
| v7 (new) | Timestamp + random | Sortable by time, better database index performance than v4 |
What this means for you: Use v4 for general-purpose IDs. If you need sortable, time-ordered IDs (better for database performance), consider v7 UUIDs or ULID. If you need deterministic IDs (same input → same UUID), use v5.
UUID vs Other ID Formats
| Format | Length | Sortable | Best For |
|---|---|---|---|
| UUID v4 | 36 chars | No | General-purpose unique IDs |
| UUID v7 | 36 chars | Yes (by time) | Database primary keys |
| ULID | 26 chars | Yes (by time) | Compact, sortable alternative to UUID |
| NanoID | 21 chars (default) | No | URL-safe, compact IDs |
| Auto-increment | Variable | Yes | Single-database systems (leaks count) |
| Snowflake ID | 18-19 digits | Yes (by time) | Distributed systems (Twitter, Discord) |
UUID Practical Considerations
Database performance
Random v4 UUIDs cause index fragmentation in B-tree databases (PostgreSQL, MySQL). v7 UUIDs or ULIDs are time-ordered, so inserts are sequential and indexes stay efficient. Use v7 for high-write databases.
Storage format
Store UUIDs as native UUID type (16 bytes) in PostgreSQL, not VARCHAR(36). The text format with hyphens takes 36 bytes plus overhead. Binary storage is 2x smaller and compares faster.
Don't expose sequential IDs
Auto-increment IDs (user/1, user/2, user/3) leak information: how many users you have, when they signed up, and make it trivial to enumerate resources. UUIDs hide this.
UUIDs aren't secrets
UUIDs are unguessable but not secret. Don't use a UUID as an authentication token or session key. An attacker who intercepts a UUID can reuse it. Use proper cryptographic tokens for security.
Generating UUIDs in Code
| Language | Code |
|---|---|
| JavaScript | crypto.randomUUID() |
| Python | import uuid; str(uuid.uuid4()) |
| PostgreSQL | gen_random_uuid() |
| Ruby | SecureRandom.uuid |
| Go | uuid.New() // google/uuid |
| CLI (Linux/Mac) | uuidgen |
JavaScript's crypto.randomUUID() is available in current browsers and Node.js 19+. No library needed, it's built in.
Choosing a UUID Format
UUIDs are the same 128-bit value whether they are shown with hyphens, without hyphens, in uppercase, or inside braces. Format choice is usually about the system you are pasting into.
If a system accepts more than one format, standard lowercase with hyphens is the least surprising choice for logs, API examples, and support tickets.
| Format | Example | Use It For |
|---|---|---|
| Standard | 550e8400-e29b-41d4-a716-446655440000 | APIs, PostgreSQL UUID columns, logs, documentation |
| No hyphens | 550e8400e29b41d4a716446655440000 | Systems that store compact hex strings |
| Uppercase | 550E8400-E29B-41D4-A716-446655440000 | Older systems or style guides that require uppercase hex |
| Braces | {550e8400-e29b-41d4-a716-446655440000} | Windows registry, COM, and some configuration files |
Collision Risk in Plain English
A v4 UUID has 122 random bits after reserving version and variant bits. That is enough space that accidental collisions are not the practical risk for most applications. Bad generation methods, copying the same ID twice, or using UUIDs where secrets are needed are more common problems.
Good use
Creating identifiers independently across services, queues, local-first apps, migration scripts, and offline devices.
Poor use
Replacing session tokens, API keys, password reset links, or anything that needs expiry, revocation, and deliberate secret handling.
Real risk
Duplicating rows during imports, seeding fixtures without regenerating IDs, or using a weak random source in old code.
Practical guardrail
Keep a unique constraint on the database column. The constraint should never fire in normal use, but it protects data if a workflow goes wrong.
Database and API Notes
| Context | Recommendation | Reason |
|---|---|---|
| PostgreSQL | Use the native uuid type | Stores 16 bytes and validates the format |
| MySQL | Consider BINARY(16) for large tables | Smaller than storing 36-character text |
| REST APIs | Keep standard hyphenated strings | Human readable and widely accepted by clients |
| URLs | Use lowercase standard form unless a system says otherwise | Lowercase avoids duplicate-looking representations |
| High-write tables | Evaluate UUID v7 or ULID | Time ordering reduces random index inserts |
Bulk Generation Checklist
Fixtures and seed data
Generate stable IDs only when tests depend on specific relationships. For throwaway fixtures, regenerate IDs so copied data does not collide.
Spreadsheet imports
Add one UUID per row before import if the destination system does not create IDs for you. Keep the column as text in the spreadsheet so hyphens are preserved.
Logging and tracing
A UUID can label one request, job, or transaction across several log lines. Use a different field for user IDs so trace IDs do not become business identifiers.
Related Tools
How to use this tool
Choose the number of UUIDs to generate
Click Generate to create new UUIDs instantly
Copy individual UUIDs or all at once
Common uses
- Generating unique database primary keys
- Creating unique identifiers for API resources
- Assigning session or transaction IDs
- Producing unique file names to prevent collisions
Share this tool
Frequently Asked Questions
What is a UUID?
Are UUIDs truly unique?
Is this generated server-side?
What format options are available?
What's the difference between UUID v4 and v7?
Should I use UUIDs as database primary keys?
How do I store UUIDs efficiently in a database?
What's the difference between UUID and GUID?
Can I generate UUIDs in my code?
Are UUIDs secure enough for tokens?
What's a ULID and how does it compare?
Can I generate UUIDs in bulk?
Results are for general informational purposes only and should be checked before use. They are not professional advice. See our Disclaimer and Terms of Service.