Home/ Generator/ UUID generator

UUID generator

Generate one or many version-4 UUIDs (universally unique identifiers). Uses crypto.randomUUID for true randomness.

How many?

Casing

Wrap in braces Include hyphens

Result

What this tool does

Generates RFC 4122 version-4 UUIDs (universally unique identifiers). A v4 UUID looks like 9e6c4d3a-5b8d-4f6a-b3e4-2a7c1d3e4f5b: 36 characters, 32 hex digits in five groups separated by hyphens, with two fixed bits indicating the version (4) and the variant (RFC 4122).

What "universally unique" means

A v4 UUID contains 122 bits of randomness. There are about 5.3 × 10³⁶ possible v4 UUIDs. The probability of two randomly generated UUIDs colliding is so small that, even if you generated a billion UUIDs every second for a hundred years, you'd be unlikely to ever see a collision. In practice, treat v4 UUIDs as unique without coordination.

When to use a UUID

As a primary key in a distributed database where multiple nodes mint IDs.
As a file or object name in a system where you don't want to coordinate naming.
As an idempotency key for an HTTP request.
As a session, request, or correlation identifier in logs.
As an opaque token that doesn't leak ordering or count information.

UUID versions, briefly

Version	Source	When to use
v1	Time + MAC address	Rarely. Leaks ordering and host identity.
v3	MD5 hash of a namespace + name	When you need the same UUID for the same input.
v4	Pure randomness	Almost always. This tool generates v4.
v5	SHA-1 hash of a namespace + name	Like v3 but with a better hash.
v7	Unix time + randomness (2024 RFC 9562)	Becoming popular for database primary keys; sortable by creation time.

Display variants

The canonical form is lowercase, hyphenated, no surrounding characters: 9e6c4d3a-5b8d-4f6a-b3e4-2a7c1d3e4f5b. Some legacy systems use uppercase, wrap in braces (Microsoft's GUID style), or strip the hyphens for compact storage. All four combinations represent the same UUID and can be converted with no loss.

Source of randomness

This tool uses crypto.randomUUID() when available, which is implemented natively in modern browsers using the same secure RNG used by HTTPS. On older browsers, it falls back to crypto.getRandomValues with manual version/variant bit setting. Either way, the output is cryptographically secure.

Privacy

UUIDs are generated locally. None of them are saved.

Frequently asked questions

Are UUIDs really unique?

Practically, yes. The probability of two random v4 UUIDs colliding is negligible — you'd have to generate trillions before having a meaningful chance. Treat them as unique without coordination.

Should I use v4 or v7?

v4 if you just need a random identifier. v7 (added to the spec in 2024) is better when you want the identifier to be sortable by creation time, useful for database primary keys.

Can I use UUIDs as URL slugs?

You can, but they're ugly. URLs read better with descriptive slugs. Use a UUID where the URL is opaque (sharing tokens) and a slug where the URL is meant to be read or memorized.

Is the lowercase or uppercase form correct?

Both — they represent the same value. The canonical form per RFC 4122 is lowercase, but many systems accept either.

Is the generator cryptographically secure?

Yes. It uses crypto.randomUUID where available, falling back to crypto.getRandomValues. Both are required to be cryptographically secure by the Web Crypto API spec.