Tip: Press Ctrl+Enter to generate
Output
Generated UUIDs will appear here…
UUID Generator
A UUID (Universally Unique Identifier) is a 128-bit value used to uniquely identify information in computer systems.
Version 4 UUIDs are randomly generated, making collisions astronomically unlikely — suitable for database primary keys, session tokens, file names, and any scenario requiring a globally unique identifier.
All UUIDs are generated using crypto.getRandomValues() for cryptographic randomness, entirely in your browser.
What this tool does
This generator creates version 4 UUIDs using crypto.getRandomValues() — the same cryptographic random source your browser uses for security-critical operations. You can generate 1 to 100 at a time, toggle uppercase or hyphen-stripped formats, and copy the full batch in one click. Everything runs locally; no IDs are logged or stored.
How to use it
- Set the count field to how many UUIDs you need (up to 100 per batch).
- Click Generate or press Ctrl+Enter.
- Check Uppercase if your system requires capital hex letters (e.g. some SQL Server contexts).
- Check No hyphens if you're storing UUIDs as a 32-character hex string without separators (common in MySQL binary columns).
- Use Copy All to copy the full list — one UUID per line — for pasting into SQL, config files, or test fixtures.
When to use UUIDs (and when not to)
- Database primary keys: UUIDs let you generate IDs client-side without touching the database first, which is useful in distributed systems or offline-first applications. The trade-off: random v4 UUIDs fragment B-tree indexes badly at scale. If insert performance matters, consider UUID v7 (time-sorted) or ULIDs instead.
- File uploads: Rename uploaded files to a UUID before writing to disk. This prevents path traversal attacks from user-supplied filenames and ensures no collisions even across concurrent uploads.
- Tokens and identifiers: Password reset links, magic login tokens, invite codes — UUIDs work well here. They're unguessable and long enough to be brute-force resistant.
- When not to use them: Don't use UUIDs where you need sequential IDs for human reference (order numbers, ticket IDs). Auto-increment integers are simpler and more compact. Don't use them as URL slugs — they're ugly and meaningless to users.
Frequently Asked Questions
What is the difference between UUID v1, v4, and v7?
UUID v1 is derived from the current timestamp and your machine's MAC address — sortable but privacy-leaking. UUID v4 is 122 random bits — not sortable, no information revealed, and the safest default for most uses. UUID v7 (a newer standard) uses a millisecond timestamp prefix followed by random bits, giving you sortable UUIDs without the privacy issues of v1. If you're building a new system and care about database index efficiency, v7 is worth considering.
Can two generated UUIDs ever collide?
In theory, yes. In practice, no. UUID v4 has 2122 possible values. To have even a 1-in-a-billion chance of a collision, you'd need to generate over 100 trillion UUIDs. For any application, this is safely negligible — but adding a unique database constraint on the UUID column doesn't hurt if absolute guarantees matter.
What is the difference between UUID and GUID?
They're the same thing. GUID (Globally Unique Identifier) is Microsoft's name for it — used in Windows APIs, .NET, SQL Server, and COM. UUID is the IETF/RFC 4122 term used everywhere else. The format is identical: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx, 32 hex digits plus 4 hyphens.
Is UUID v4 safe to use as a session token?
As long as it's generated with a cryptographically secure random source — which this tool uses — yes, UUID v4 has 122 bits of entropy, enough to be brute-force resistant. That said, a dedicated token library (like generating 32 random bytes and hex-encoding them) is slightly better for security tokens because all 256 bits are random, versus UUID v4's 122. For most use cases, UUID v4 is fine.
Want the full explanation? Read the guide: UUIDs vs Sequential IDs: A Practical Comparison →