Most developers reach for UUID v4 by default and never think much more about it. That instinct is correct for the vast majority of situations. Understanding exactly why it is correct will help you recognize the minority of situations where a different version makes more sense. This is not a comprehensive tour of all five UUID versions. It is a focused explanation of why v4 became the default, the specific conditions that make it the wrong choice, and what to use instead when those conditions arise. Photo by blickpixel on Pixabay Why v4 Became the Default UUID v4 generates 128 bits of cryptographically random data, minus the four bits used to encode the version number and the two to three bits used to encode the variant. Everything else is random. There is no timestamp, no machine identifier, no sequence number, and no ordering information embedded in the value. This makes v4 the right default for three reasons. No information leakage. The value reveals nothing about when or where it was created.…