DevToys Pro

free web developer tools

Blog
Rate us:
Try browser extension:
← Back to Blog

Dev Blog: UUID, Password, and Hash Generators for Developers

9 min read

Generating unique identifiers, secure credentials, and data checksums are fundamental tasks in software development. Whether you need a UUID for a database primary key, a secure password for testing, or an MD5/SHA256 hash for file verification, having reliable generators saves time and reduces errors.

This guide covers the essential generators developers use daily — explaining the technical details behind each one and when to use them in real-world scenarios.

UUID Generation & Decoding

UUIDs (Universally Unique Identifiers), also known as GUIDs (Globally Unique Identifiers), are 128-bit identifiers designed to be unique across space and time without central coordination. A UUID generator creates these identifiers for database keys, distributed systems, and API resources.

UUID Format

All UUID versions share the same 36-character format (32 hex digits + 4 hyphens):

xxxxxxxx-xxxx-Mxxx-Nxxx-xxxxxxxxxxxx

    └─ Variant (8, 9, a, or b)
             └────── Version (1, 4, 6, or 7)
└──────────────────── 32 hexadecimal digits

Example: 550e8400-e29b-41d4-a716-446655440000
         └──────────────┬──────────────────┘
                   128 bits total

UUID Versions Explained

UUID v1 — Time-based + MAC Address

// Structure: timestamp + clock sequence + MAC address
// Example: 6ba7b810-9dad-11d1-80b4-00c04fd430c8

Pros:
- Sortable by creation time
- Guaranteed unique per machine

Cons:
- Exposes MAC address (privacy concern)
- Predictable sequence

UUID v4 — Random

// Structure: 122 random bits + 6 version/variant bits
// Example: 550e8400-e29b-41d4-a716-446655440000

Pros:
- Most common version
- No information leakage
- Simple implementation

Cons:
- Not sortable by time
- Theoretical collision risk (negligible)

UUID v6 — Reordered Time-based

// Structure: reordered v1 timestamp for sortability
// Example: 1ed6b810-6ba7-6dad-80b4-00c04fd430c8

Pros:
- Sortable by creation time
- Better for database indexes
- More privacy than v1

Cons:
- Less common than v4
- Still includes node identifier

UUID v7 — Unix Timestamp + Random

// Structure: Unix timestamp (ms) + random bits
// Example: 018c5e6f-8b4a-7d8e-9f3c-1a2b3c4d5e6f

Pros:
- Sortable by creation time
- Database index friendly
- No MAC address exposure
- Modern standard (RFC 9562)

Cons:
- Newest version, less library support

Choosing the Right UUID Version

Use CaseRecommended
General purpose, most compatibleUUID v4
Database primary keys (PostgreSQL, MySQL)UUID v7
Time-ordered IDs for distributed systemsUUID v7 or v6
Legacy system compatibilityUUID v1

UUID Decoding

The UUID Generator & Decoder can also decode existing UUIDs to reveal their version, variant, and embedded timestamp (for v1, v6, v7).

Secure Password Generation

A password generator creates cryptographically secure random passwords that resist brute-force attacks. Strong passwords are essential for testing authentication systems, creating service accounts, and generating API keys.

Password Strength Factors

Password entropy = log2(character_set_size ^ length)

Character Sets:
- Lowercase (a-z):     26 characters
- Uppercase (A-Z):     26 characters
- Digits (0-9):        10 characters
- Symbols (!@#$...):   ~32 characters

Combined: 94 printable ASCII characters

Example entropy calculations:
- 8 chars, lowercase only:  log2(26^8)   38 bits
- 12 chars, mixed case:     log2(52^12)  68 bits
- 16 chars, all types:      log2(94^16)  105 bits
- 20 chars, all types:      log2(94^20)  131 bits

Password Requirements by Use Case

Use CaseMin LengthCharacter Types
Test accounts8-12Mixed case + digits
User passwords12-16Mixed case + digits + symbols
Service accounts20+All character types
API keys / secrets32+Alphanumeric (URL-safe)
Encryption keys32+ bytesFull entropy (base64)

Avoiding Weak Passwords

  • Never use dictionary words or common patterns
  • Avoid sequential characters (abc, 123, qwerty)
  • Don't use personal information (names, dates)
  • Use unique passwords for each service
  • Cryptographic randomness is essential — Math.random() is not secure

The Password Generator uses cryptographically secure random number generation (CSPRNG) and allows customizing length, character sets, and excluding ambiguous characters.

Hash & Checksum Generation

Cryptographic hash functions produce fixed-size digests from arbitrary input data. A hash generator calculates these digests for file verification, password hashing, data integrity checks, and content addressing.

Common Hash Algorithms

Input: "Hello, World!"

MD5:    65a8e27d8879283831b664bd8b7f0ad4     (128 bits, 32 hex)
SHA-1:  0a0a9f2a6772942557ab5355d76af442f8f65e01 (160 bits, 40 hex)
SHA-256: dffd6021bb2bd5b0af676290809ec3a5...   (256 bits, 64 hex)
SHA-512: 374d794a95cdcfd8b35993185fef9ba3...   (512 bits, 128 hex)

Algorithm Comparison

AlgorithmOutputSecurityUse Cases
MD5128-bitBrokenLegacy checksums, non-security
SHA-1160-bitWeakGit commits, legacy systems
SHA-256256-bitStrongFile integrity, certificates
SHA-512512-bitStrongHigh-security applications

File Checksum Verification

Verifying file integrity is a primary use case for hash functions. When downloading software, compare the computed hash against the published checksum:

# Published checksum (from download page)
SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

# Computed checksum (from downloaded file)
SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

# Match = file is authentic and uncorrupted

Hash Use Cases in Development

  • File integrity — Verify downloads, detect corruption
  • Content addressing — Git blob storage, IPFS, Docker layers
  • Cache keys — Hash request parameters for cache lookup
  • Deduplication — Identify duplicate files by hash
  • ETags — HTTP caching with content hashes
  • Checksums — Data transmission verification

Note: For password storage, use specialized algorithms like bcrypt, scrypt, or Argon2 — not raw SHA-256.

The Hash / Checksum Generator calculates MD5, SHA-1, SHA-256, and SHA-512 hashes for both text input and uploaded files.

Lorem Ipsum & Placeholder Text

Lorem Ipsum is pseudo-Latin placeholder text used in design and development. A Lorem Ipsum generator creates dummy text for layouts, mockups, and testing content rendering.

Why Use Placeholder Text

  • Layout testing — Fill UI components with realistic text volume
  • Typography — Test font rendering, line heights, word wrapping
  • Mockups — Create realistic designs before real content exists
  • Performance testing — Generate large text volumes
  • Focus on design — Meaningless text prevents content distraction

Lorem Ipsum Structure

// Classic Lorem Ipsum opening
Lorem ipsum dolor sit amet, consectetur adipiscing elit,
sed do eiusmod tempor incididunt ut labore et dolore
magna aliqua.

// Generation options:
- Words: Generate N random words
- Sentences: Generate N sentences (5-15 words each)
- Paragraphs: Generate N paragraphs (3-7 sentences each)

When to Use Real Content Instead

  • User testing and usability studies
  • Content-heavy applications (CMS, blogs)
  • Accessibility testing
  • Final client presentations

The Lorem Ipsum Generator creates customizable placeholder text by words, sentences, or paragraphs.

QR Code Generation

While listed under Encoders/Decoders, the QR Code Generator is also a generation tool. It creates QR codes from text, URLs, WiFi credentials, or contact information, exportable as SVG for high-quality printing.

Generator Quick Reference

NeedToolOutput
Database primary keyUUID GeneratorUUID v4 or v7
Test account passwordPassword Generator16+ char secure password
File verificationHash GeneratorSHA-256 checksum
UI placeholder textLorem IpsumParagraphs/sentences
Mobile-scannable linkQR CodeSVG/PNG image

All Generators in DevToys Pro

These generators are part of the Generators collection in DevToys Pro. All generation happens in your browser using cryptographically secure randomness — no data is sent to external servers.

Open Generators →