UUID and GUID explained — what they are and when to generate one

By ToolBite Team • Last updated: April 22, 2026

If you've ever worked with a database or REST API, you've seen UUIDs: strings like 550e8400-e29b-41d4-a716-446655440000. This guide explains what they are, why they exist, and when to use them.

Best for: backend developers, database engineers, and anyone designing APIs or distributed systems that need unique identifiers.

What is a UUID?

A UUID (Universally Unique Identifier) is a 128-bit number used to identify information in computer systems. It is standardised in RFC 4122 and formatted as 32 hexadecimal characters grouped by hyphens: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.

The goal of a UUID is to generate an identifier that is unique across all space and time — without requiring a central authority to coordinate ID assignment. Two different computers can generate UUIDs at the same millisecond and the chance of collision is astronomically small.

UUID vs GUID — are they the same?

Yes, essentially. GUID (Globally Unique Identifier) is Microsoft's name for the same concept. GUIDs and UUIDs follow the same RFC 4122 standard and are formatted identically. The terms are interchangeable in practice — Microsoft's .NET and SQL Server use "GUID", while Linux, PostgreSQL, and most open-source tooling use "UUID".

UUID versions — which one to use?

v1 — Based on timestamp and MAC address. Sequential, but leaks your machine's network address. Avoid for security-sensitive IDs.
v4 — Randomly generated. The most widely used version. 122 bits of randomness means collisions are practically impossible. Use this for most purposes.
v5 — Deterministic: generated from a namespace and a name using SHA-1. Same inputs always produce the same UUID. Useful for content-addressable IDs.
v7 — New standard (2023). Timestamp-ordered random UUID. Sorts lexicographically by creation time — ideal for database primary keys where index performance matters.

For most use cases, use v4 (random). For database primary keys where you care about insert performance, consider v7.

When to use UUIDs

Database primary keys — UUIDs let you generate IDs on the client before inserting to the database, removing round-trips. No risk of sequential ID enumeration by users.
API resource identifiers — /users/550e8400-e29b-41d4-a716-446655440000 is safer than /users/42 (no guessing other users' IDs).
Distributed systems — Multiple services or nodes can generate IDs independently with no coordination and no conflicts.
Test fixtures — Hard-coded UUIDs in test data are stable, readable, and won't collide with real data.
File names — Rename uploaded files to UUIDs to prevent path traversal and naming conflicts.

UUID trade-offs

UUIDs are not free:

They are 36 characters vs a simple integer — larger storage and index size in databases.
Random v4 UUIDs cause index fragmentation in B-tree indexes because inserts land at random positions. Use v7 or ULID if this matters.
They are harder to type and remember than short IDs — don't use them in user-facing URLs if brevity matters.

How to generate UUIDs in your browser

Open ToolBite's UUID generator.
Click Generate to create a new random v4 UUID.
Click Copy to copy it to your clipboard instantly.
Generate as many as you need — each one is unique and created locally in your browser.

Generate a UUID now Hash Generator