Is a UUID Guaranteed to Be Unique?

The short answer: yes, in practice — but it's a probabilistic guarantee, not a mathematical certainty. Here's what that means and when it matters.

How unique is UUID v4 (random)?

UUID v4 is 128 bits, with 122 bits of randomness (6 bits are fixed for version/variant). That gives you roughly 5.3 × 10²¹ possible values.

The birthday problem tells us the probability of a collision when generating n UUIDs is approximately:

p ≈ n² / (2 × 5.3 × 10²¹)

To get a 1-in-a-billion chance of any collision, you'd need to generate around 3.26 billion UUIDs simultaneously. Generating a billion UUIDs per second, it would take 85 years to reach 50% collision probability.

For any real-world application, UUID v4 collision is not a concern.

When uniqueness IS deterministic

UUID v1 and v7 include a timestamp component, which makes sequential collisions within the same millisecond much less likely. UUID v5 is deterministic — the same name and namespace always produce the same UUID, which is useful for idempotent generation but means it's not unique if called with the same inputs.

Version	Source	Collision risk
v1	Timestamp + MAC	Extremely low
v4	Random	Astronomically low
v5	Hash of name+namespace	Intentionally deterministic
v7	Timestamp + random	Extremely low, sortable

The real risks aren't math — they're implementation

Collisions in practice come from:

• Bad random number generators — Math.random() is not cryptographically secure. Use crypto.randomUUID() in browsers or a proper library server-side.
• Seeding bugs — multiple processes seeded with the same value (common in container environments that clone state).
• Copying UUIDs — copy-pasting an ID from a dev database into production.

Do you need a uniqueness check?

If your system is high-stakes (financial records, medical IDs), add a unique constraint in your database anyway. The constraint costs nearly nothing and gives you a hard guarantee on top of the probabilistic one.

Generate UUIDs

Use the UUID generator to create v4 UUIDs instantly in your browser using crypto.getRandomValues — the cryptographically secure source. For more on the differences between versions, see UUID versions explained.