Home/Glossary/Universally Unique Identifier (UUID)

Universally Unique Identifier (UUID)

A 128-bit identifier guaranteed to be unique across space and time without central coordination.

DevelopmentAlso called: "uuid", "guid"

UUIDs provide collision-resistant identifiers for distributed systems.

UUID versions

  • v1: Timestamp-based (reveals MAC address and creation time).
  • v4: Random (most common, cryptographically random).
  • v5: Name-based with SHA-1 hashing (deterministic).
  • v7: New timestamp-based with improved sorting (RFC draft).

Format

  • 8-4-4-4-12 hexadecimal digits: 550e8400-e29b-41d4-a716-446655440000.

Use cases

  • Database primary keys in distributed systems.
  • Session identifiers and API tokens.
  • File and document naming.
  • Correlation IDs in microservices.

Security considerations

  • UUIDv1 leaks MAC address and timestamp.
  • Prefer UUIDv4 for security-sensitive applications.
  • Not suitable as secrets or passwords.

Related Tools

Related Articles

View all articles
Formal Security Models Explained: Bell-LaPadula, Biba, Clark-Wilson, and Beyond

Formal Security Models Explained: Bell-LaPadula, Biba, Clark-Wilson, and Beyond

Master the formal security models that underpin all access control systems. This comprehensive guide covers Bell-LaPadula, Biba, Clark-Wilson, Brewer-Nash, lattice-based access control, and how to choose the right model for your organization.

Read article →
Biometric Authentication: Understanding FAR, FRR, and CER for Security Professionals

Biometric Authentication: Understanding FAR, FRR, and CER for Security Professionals

Master the critical metrics behind biometric authentication systems including False Acceptance Rate (FAR), False Rejection Rate (FRR), and Crossover Error Rate (CER). Learn how to evaluate, tune, and deploy biometric systems across enterprise, consumer, and high-security environments.

Read article →
Database Inference & Aggregation Attacks: The Complete Defense Guide

Database Inference & Aggregation Attacks: The Complete Defense Guide

Learn how inference and aggregation attacks exploit aggregate queries and combined data to reveal protected information, and discover proven countermeasures including differential privacy, polyinstantiation, and query restriction controls.

Read article →
NIST 800-88 Media Sanitization Complete Guide: Clear, Purge, and Destroy Methods Explained

NIST 800-88 Media Sanitization Complete Guide: Clear, Purge, and Destroy Methods Explained

Master NIST SP 800-88 Rev. 1 media sanitization methods including Clear, Purge, and Destroy. Covers SSD vs HDD sanitization, crypto erase, degaussing, regulatory compliance, and building a media sanitization program.

Read article →

Explore More Development

View all terms

API (Application Programming Interface)

A set of rules and protocols that allows different software applications to communicate and exchange data.

Read more →

Cron Expression

A time-based job scheduling syntax using five or six fields to specify when tasks should run.

Read more →

DevOps

A set of practices combining software development (Dev) and IT operations (Ops) to shorten development cycles and deliver high-quality software continuously.

Read more →

Diff Algorithm

A computational method for comparing two sets of data and identifying differences between them.

Read more →

GitOps

An operational framework that uses Git repositories as the single source of truth for declarative infrastructure and application configurations.

Read more →

JSON (JavaScript Object Notation)

A lightweight data interchange format using human-readable text to represent structured data.

Read more →
Back to glossary