UUID v4 vs v5

UUID v4 (Random)

Pros

  • Unique ID with no coordination needed
  • Unpredictable — prevents enumeration
  • No input namespace required
  • Ideal for primary keys and session IDs

Cons

  • Not reproducible from the same input
  • Cannot derive ID from a known name
  • Random ordering can hurt index locality
  • No built-in deduplication by content

UUID v5 (Name-Based, SHA-1)

Pros

  • Deterministic — same namespace + name = same UUID
  • Enables idempotent ID generation
  • Useful for federated systems and caching
  • No collision if namespace and name are unique

Cons

  • Requires a well-chosen namespace UUID
  • SHA-1 based — weaker than SHA-256 (acceptable for UUIDs)
  • Predictable if namespace and name are known
  • Not suitable for security tokens

Verdict

Use UUID v4 when you need a unique, unpredictable identifier with no relationship to input data — database primary keys, session tokens, and public resource IDs. Use UUID v5 when you need deterministic IDs derived from a namespace and name, such as generating consistent IDs across services, content-addressable storage, or idempotent API operations. Never use v5 for security-sensitive tokens since the output is predictable given the inputs.

Related Tools

Deeper Reading

Frequently Asked Questions

What is a UUID namespace?

A fixed UUID that scopes name-based generation. RFC 4122 defines DNS, URL, OID, and X.500 namespaces.

Is v5 better than v4 for databases?

Only when you need deterministic IDs. v4 is better for unpredictable public identifiers.