(packagemain.tech)

68 points der_gopher | 1 comments | 01 Dec 25 20:45 UTC | HN request time: 0s | source

Show context

elias1233 ◴[10 Dec 25 00:10 UTC] No.46212452[source]▶

I have always been a bit hesitant to use UUIDs with timestamps as it can be a security issue if the IDs are public. For example getting the age of a user account just from the id. I will say, however, that I have not heard of any major incidents stemming from this.

replies(2): >>46213535 #>>46216200 #

1. verandaguy ◴[10 Dec 25 03:04 UTC] No.46213535[source]▶

>>46212452 #

The classic solution to this is to have an internal ID (UUIDv7 if you want to use UUID, nice for indexing in newer databases) and an external ID (UUIDv4 or similar) which doesn't leak information to the outside world (but which otherwise doesn't offer any benefits at the storage level).

↑

ULID: Universally Unique Lexicographically Sortable Identifier