UUID Generator
Generate RFC 4122 / 9562 UUIDs — random (v4), time-ordered (v7), time-based (v1) and name-based (v5) — instantly in your browser. Nothing is uploaded. Last reviewed 2026-06-19.
Version 5 is deterministic — a namespace plus a name always produces the same UUID.
What is a UUID?
A UUID (Universally Unique Identifier), also called a GUID, is a
128-bit value written as 32 hexadecimal digits in five hyphen-separated groups —
8-4-4-4-12, for example f47ac10b-58cc-4372-a567-0e02b2c3d479. The point is
to mint an identifier that is unique without a central authority, so independent systems can each
create IDs that will never collide. The 13th digit encodes the version and the 17th
encodes the variant.
UUID versions at a glance
| Version | Type | Deterministic? | Notes |
|---|---|---|---|
| v1 | Time-based | No | Timestamp + node. Time-ordered; historically leaked the MAC address (we randomise the node). |
| v3 | Name-based (MD5) | Yes | Like v5 but hashed with MD5. Legacy — prefer v5. |
| v4 | Random | No | The everyday default. 122 bits of randomness. |
| v5 | Name-based (SHA-1) | Yes | Same namespace + name → same UUID. Good for stable, reproducible IDs. |
| v7 | Time-ordered | No | Unix-ms timestamp + random. Sortable; the modern choice for database keys. |
This tool generates v4, v7, v1 and v5. Versions 2 (DCE security), 6 (reordered v1) and 8 (custom) are rarely needed in application code. We deliberately omit the MD5-based v3 — MD5 is broken and unavailable in the browser’s crypto API — and offer the SHA-1-based v5 the spec prefers.
Which version should I use?
- Just need a unique ID? Use v4 (random) — it is the safe default.
- Database primary key? Use v7 — its leading timestamp keeps inserts ordered, avoiding the index fragmentation that random v4 keys cause.
- Need the same input to always map to the same ID? Use v5 with a namespace and name.
- Interoperating with an older system? Use v1.
Inspect a UUID
Paste any UUID to check it is valid and read its version, variant and (for v1/v7) embedded timestamp.
- Valid
- —
- Version
- —
- Variant
- —
- Timestamp
- —
Are UUIDs really unique?
For random v4, the odds of a collision are astronomically small: with 122 random bits you could generate a billion UUIDs per second for about 85 years and still have only a roughly 50% chance of a single duplicate. In practice you can treat them as unique. A UUID is an identifier, not a secret, though — never use one as a password or security token.
Frequently asked questions
- Are UUIDs guaranteed to be unique?
- Not mathematically guaranteed, but for practical purposes yes. A version-4 UUID has 122 random bits — you would need to generate billions per second for many years before a collision became even remotely likely. Version 5 is deterministic, so the same namespace and name always produce the same UUID by design.
- Which UUID version should I use?
- Use version 4 (random) for general unique IDs. Use version 7 if you want IDs that sort by creation time — ideal as database primary keys, since they avoid the index fragmentation random v4 keys cause. Use version 5 when you need a reproducible ID derived from a name. Version 1 is mainly for legacy compatibility.
- Is a UUID secure or hard to guess?
- A version-4 UUID is unpredictable enough to be hard to guess, but a UUID is an identifier, not a secret. Do not use one as a password, session token, or security key — generate a dedicated cryptographic secret for those.
- What is the difference between v4 and v7?
- Both are unique, but v7 embeds a millisecond timestamp at the front, so a list of v7 UUIDs sorts in creation order. v4 is fully random and has no order. Use v7 for database keys (better index locality) and v4 when ordering does not matter.
- Why is there no version 3 here?
- Version 3 is name-based but uses MD5, which is cryptographically broken, and the browser’s Web Crypto API does not expose MD5. We offer version 5, the SHA-1-based equivalent that the spec recommends instead.
- Are the UUIDs generated privately?
- Yes. Everything is generated locally in your browser using the built-in Web Crypto API — nothing is sent to a server, and it works offline once the page has loaded. Version 1 uses a random node, so your network hardware address is never exposed.