👨‍💻
Application Security Handbook
  • Application Security Handbook
  • Web Application
    • Authentication
      • Authentication with Login and Password
      • Authentication with Phone Number
      • OAuth 2.0 Authentication
      • Multi-factor Authentication
      • Default Passwords
      • Password Change
      • Password Policy
      • Password Reset
      • Password Storage
      • One Time Password (OTP)
      • Email Address Confirmation
    • Authorization
    • Concept of Trusted Devices
    • Content Security Policy (CSP)
    • Cookie Security
    • Cryptography
      • Cryptographic Keys Management
      • Encryption
      • Hash-based Message Authentication Code (HMAC)
      • Hashing
      • Random Generators
      • Universal Unique Identifier (UUID)
    • Error and Exception Handling
    • File Upload
    • Input Validation
    • JSON Web Token (JWT)
    • Logging and Monitoring
    • Output Encoding
    • Regular Expressions
    • Sensitive Data Management
    • Session Management
    • Transport Layer Protection
    • Vulnerability Mitigation
      • Brute-force
      • Command Injection
      • Cross-Site Request Forgery (CSRF)
      • Cross-Site Scripting (XSS)
      • Mass Parameter Assignment
      • Parameter Pollution
      • Path Traversal
      • Regular Expression Denial of Service (ReDoS)
      • SQL Injection (SQLi)
      • XML External Entity (XXE) Injection
Powered by GitBook
On this page
  • Overview
  • General
  • UUID generation
  1. Web Application
  2. Cryptography

Universal Unique Identifier (UUID)

PreviousRandom GeneratorsNextError and Exception Handling

Last updated 1 year ago

Overview

This page contains recommendations for using Universal Unique Identifier (UUID).

General

  • Do not use UUID as a session identifier.

  • You can use a UUID as a unique value for objects, such as a bank card ID or upload file name.

UUID generation

import "github.com/google/uuid"

func GenerateNewUUIDValue() string {
    return uuid.New().String()
}
import java.util.UUID;

public static String generateUUIDv4() {
    return UUID.randomUUID().toString();
}
import { v4 as uuidv4 } from 'uuid';
uuidv4();
import uuid

def generate_uuid_v4() -> str:
    return str(uuid.uuid4())

Do not use UUID as a random value. UUID is a unique value, not random. There is no a way to guarantee randomness, .

You can use the package to generate UUID values in Go.

Use the class to generate UUID values.

Use the package to generate UUID values.

Use the package to generate UUID values.

especially for versions != 4
google/uuid
java.util.UUID
uuid
uuid