DevToolBox
Developer ToolsTools & Guides

UUID Generator Online – Create Unique IDs Instantly

Generate one or many UUIDs in v1, v4, or v7 format instantly

No signup • Runs in browser • Free

Generate UUID Now →

You are setting up a new database table and reach for an auto-increment integer as the primary key. It works — until you need to merge data from two databases, shard across multiple servers, or let a client generate a record ID before it hits the backend. Auto-increment IDs are sequential and server-dependent. They collide the moment more than one system is involved. A UUID solves this by generating an ID that is statistically guaranteed to be unique across every system, everywhere, without any coordination. A UUID generator online produces one — or a hundred — in a single click.

UUIDs appear in database primary keys, API resource identifiers, idempotency keys, session tokens, file names, and distributed tracing headers. Understanding the difference between UUID versions — and why v4 is not always the right answer — saves debugging time when IDs end up unsortable, unindexable, or unexpectedly collision-prone.

# UUID v4 — randomly generated, no embedded information:
f47ac10b-58cc-4372-a567-0e02b2c3d479

# Structure: 8-4-4-4-12 hex characters, separated by hyphens
# Version digit (4th group, first char): 4 = v4
# Variant bits (5th group, first char): 8, 9, a, or b

# UUID v7 — time-ordered, sortable (preferred for database keys):
018c4f3a-1234-7abc-9def-0123456789ab
# ↑ First 48 bits encode millisecond timestamp — rows insert in order

# UUID v1 — timestamp + MAC address (avoid for new work):
550e8400-e29b-11d4-a716-446655440000
# Exposes server MAC address and creation time — privacy concern

# Probability of collision for v4:
# Generating 1 billion UUIDs per second for 100 years ≈ 50% chance of one collision

Quick summary

  • A UUID is a 128-bit identifier formatted as 32 hex characters in five hyphen-separated groups.
  • UUID v4 is randomly generated and suitable for most uses. UUID v7 is time-ordered and better for database primary keys.
  • UUIDs can be generated client-side without a server, making them ideal for distributed systems and offline-first apps.
  • DevToolBox tools run entirely in your browser — no signup.

What Is a UUID?

UUID stands for Universally Unique Identifier, defined in RFC 4122. It is a 128-bit number represented as 32 lowercase hexadecimal characters grouped into five sections separated by hyphens: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx. The groups contain 8, 4, 4, 4, and 12 characters respectively, giving the familiar format you see in database primary keys and API responses.

The "universally unique" part is a probabilistic guarantee, not a mathematical certainty — but the probability of a collision between two randomly generated v4 UUIDs is so astronomically small that it is treated as impossible in practice. With 2^122 possible values, you would need to generate roughly one billion UUIDs per second for 100 years before reaching a 50% chance of generating one duplicate. For all practical purposes, every UUID you generate is unique.

Unlike auto-increment integers, UUIDs require no central authority to assign them. Any system — a server, a browser, a mobile device, a CLI tool — can generate a UUID independently and be confident it will not clash with any other UUID generated anywhere else. This decentralisation is the core reason they are used in distributed systems.

UUID Versions – v1, v4, and v7

The UUID specification defines several versions, each with a different generation strategy. Three are relevant for everyday development.

  • Version 1 (time + MAC address). UUID v1 embeds the current timestamp and the generating machine's MAC address. This makes each UUID unique and time-ordered, but it leaks information: anyone who inspects the UUID can extract the creation time and the hardware address of the machine that generated it. Avoid v1 for new work unless you specifically need the embedded timestamp and are unconcerned about privacy.
  • Version 4 (random). UUID v4 is generated from 122 bits of cryptographically random data. It embeds no information about when or where it was created. This is the right default for most uses: API resource IDs, idempotency keys, session identifiers, file names, and any context where you want a unique opaque token with no embedded metadata.
  • Version 7 (time-ordered random). UUID v7 is a newer format that encodes a millisecond-precision timestamp in the first 48 bits, followed by random data. Because the timestamp comes first, v7 UUIDs sort chronologically — rows inserted later sort later. This makes them significantly better than v4 for database primary keys, where random UUIDs cause index fragmentation and poor insert performance on B-tree indexes. If you are choosing a UUID version for a database primary key, v7 is the current recommendation.

Why Developers Use UUIDs

The fundamental advantage of UUIDs over sequential IDs is that they can be generated without a database round trip. This opens up a range of architectural possibilities.

  • Distributed systems and database sharding. When data lives across multiple database shards, auto-increment integers collide — shard A and shard B will both generate a row with ID 1. UUIDs are globally unique by construction, so merging data from multiple sources requires no ID remapping.
  • Client-generated IDs. In offline-first apps and optimistic UI patterns, the client creates a record and assigns it an ID before the server has seen it. With auto-increment, the client must wait for the server to return the ID. With UUIDs, the client generates the ID itself, sends it with the record, and the server stores it as-is.
  • Idempotency keys. Payment APIs and job queues use idempotency keys to prevent duplicate operations. Generating a UUID client-side and including it as the idempotency key ensures that retrying a failed request does not submit a second charge or job.
  • Security through obscurity of IDs. Sequential integer IDs make it trivial to enumerate records: /users/1, /users/2, /users/3. UUIDs make enumeration attacks impractical. Note that access control is still required — an unguessable ID is not a substitute for authorisation.
  • Test data and fixtures. When writing tests or seeding a database, you often need stable, known IDs. Generating a UUID for each fixture and hardcoding it gives you reproducible test data without depending on auto-increment sequencing.

How to Generate a UUID Online

Using the DevToolBox UUID Generator takes under five seconds.

  1. Open the tool in your browser. No account, no install, no setup required.
  2. Select the UUID version — v4 for a random ID, v7 if you need time-ordered IDs for a database primary key.
  3. Choose how many UUIDs to generate. If you need a batch for test fixtures or a seed file, you can generate dozens at once and copy them all.
  4. Click generate and copy the output. Each UUID is a fresh cryptographically random value — no two will ever be the same.

DevToolBox tools run entirely in your browser using the Web Crypto API — no signup, no data sent to a server.

Common UUID Mistakes

# ✗ Storing UUID as VARCHAR — wastes space, slower index lookups:
id VARCHAR(36)  →  'f47ac10b-58cc-4372-a567-0e02b2c3d479'  (36 bytes with hyphens)

# ✓ Store as BINARY(16) or native UUID type — 16 bytes, faster:
id BINARY(16)   →  0xf47ac10b58cc4372a5670e02b2c3d479  (16 bytes, no hyphens)
# PostgreSQL has a native uuid type that handles this automatically

# ✗ Using UUID v4 as a database primary key at scale:
# Random UUIDs cause B-tree index fragmentation → slow inserts as table grows

# ✓ Use UUID v7 for database primary keys — time-ordered, inserts stay sequential:
018c4f3a-1234-7abc-9def-0123456789ab  ← sorts after earlier rows

# ✗ Generating UUIDs with Math.random() — NOT cryptographically random:
# Math.random() is not suitable for unique ID generation
# Use crypto.randomUUID() in browsers, or the 'uuid' npm package
  • Storing UUIDs as strings. A UUID stored as a 36-character VARCHAR takes more than twice the space of the same UUID stored as a 16-byte binary value. More importantly, string comparison is slower than binary comparison for index lookups. PostgreSQL has a native uuid type; MySQL and MariaDB work best with BINARY(16).
  • Using v4 for high-volume database primary keys. Random UUIDs insert into a B-tree index at random positions, causing page splits and fragmentation as the table grows. At scale — millions of rows — this degrades insert performance significantly. UUID v7 solves this by embedding the timestamp at the start, so new rows always insert at the end of the index.
  • Generating UUIDs with Math.random(). Math.random() is a pseudo-random number generator, not a cryptographically secure one. It produces numbers that look random but have statistical patterns that reduce the effective uniqueness of generated IDs. Use crypto.randomUUID() in modern browsers and Node.js, or a well-maintained library like the uuid npm package.
  • Treating an unguessable ID as an access control. A UUID in a URL does make enumeration attacks harder, but it is not a substitute for authorisation. If your API returns a resource to anyone who knows its UUID, a leaked or guessed ID grants access. Always enforce access control in addition to using non-sequential IDs.

Frequently Asked Questions

Are UUIDs truly unique?

Probabilistically, yes. UUID v4 has 122 bits of randomness, giving 2^122 possible values. The probability of any two randomly generated UUIDs matching is so small it is treated as zero for all practical purposes. Collisions are theoretically possible but effectively impossible at any real-world scale.

What is the difference between UUID and ULID?

ULID (Universally Unique Lexicographically Sortable Identifier) is an alternative to UUID that encodes a timestamp in the first 48 bits and uses a URL-safe Base32 alphabet, making it sortable and slightly more compact than a UUID with hyphens. UUID v7 was designed to solve the same problem — time-ordered unique IDs — using the established UUID format. Both are reasonable choices; UUID v7 has the advantage of broader library support.

Should I use UUID or auto-increment for my database primary key?

Auto-increment is simpler and performs slightly better for single-server, low-volume tables. Use UUIDs when you need to merge data across systems, generate IDs client-side, shard your database, or avoid exposing sequential IDs in URLs. If you go with UUIDs, use v7 rather than v4 for primary keys to avoid index fragmentation.

Is it safe to generate UUIDs in an online tool?

With DevToolBox, yes. The UUID generator uses the browser's built-in crypto.randomUUID() API — nothing is transmitted to any server. The randomness comes from the operating system's cryptographically secure random number generator, the same source used by security-critical applications.

Conclusion

UUIDs solve a specific problem cleanly: generating a unique identifier without coordinating with any central authority. For most uses, v4 is the right choice. For database primary keys where insert order matters, v7 is the better option. The main mistakes to avoid are storing them as strings when a binary type is available, and using v4 at high-insert-volume scale where index fragmentation becomes a bottleneck.

When you need a UUID for a test fixture, an idempotency key, a seed file, or any other one-off need, the DevToolBox UUID Generator generates v4 and v7 UUIDs instantly using your browser's crypto API. DevToolBox tools run entirely in your browser — no signup, no install, nothing sent to a server.

Generate UUIDs in seconds

Choose v4 or v7, set a quantity, and copy the output. Cryptographically random, free, no signup, browser-only.

Generate UUID Now →

Related tools

Hash Generator

Generate MD5, SHA-1, SHA-256, and SHA-512 hashes.

Timestamp Converter

Convert Unix timestamps to readable dates.

Base64 Encoder / Decoder

Encode or decode Base64 strings instantly.

Related Articles

Helpful tools for Developer Tools

Also read: