UUID类型不止一种，因此“安全程度”取决于您使用的类型(UUID规范称为“版本”)。

Version 1 is the time based plus MAC address UUID. The 128-bits contains 48-bits for the network card's MAC address (which is uniquely assigned by the manufacturer) and a 60-bit clock with a resolution of 100 nanoseconds. That clock wraps in 3603 A.D. so these UUIDs are safe at least until then (unless you need more than 10 million new UUIDs per second or someone clones your network card). I say "at least" because the clock starts at 15 October 1582, so you have about 400 years after the clock wraps before there is even a small possibility of duplications. Version 4 is the random number UUID. There's six fixed bits and the rest of the UUID is 122-bits of randomness. See Wikipedia or other analysis that describe how very unlikely a duplicate is. Version 3 is uses MD5 and Version 5 uses SHA-1 to create those 122-bits, instead of a random or pseudo-random number generator. So in terms of safety it is like Version 4 being a statistical issue (as long as you make sure what the digest algorithm is processing is always unique). Version 2 is similar to Version 1, but with a smaller clock so it is going to wrap around much sooner. But since Version 2 UUIDs are for DCE, you shouldn't be using these.

所以对于所有实际问题，它们都是安全的。如果你不喜欢把它留给概率(例如，你是那种担心地球在你的一生中被一颗大小行星摧毁的人)，只要确保你使用版本1的UUID，并且它保证是唯一的(在你的一生中，除非你计划活到公元3603年以后)。

那么，为什么不是每个人都使用版本1的uuid呢?这是因为版本1的uuid揭示了生成它的机器的MAC地址，并且它们是可以预测的——这两件事可能会对使用这些uuid的应用程序产生安全影响。

对于UUID4，我认为在一个边长360000公里的立方体盒子中，id的数量大约与沙粒的数量相同。这是一个边长约为木星直径2.5倍的盒子。

如果我搞砸了单位，就会有人告诉我:

沙粒体积0.00947mm^3 (Guardian) UUID4有122个随机位-> 5.3e36可能的值(维基百科) 那么多沙粒的体积= 5.0191e34 mm^3或5.0191e+25m^3 体积= 3.69E8m或369,000km的立方箱的边长 木星直径:139,820公里(谷歌)

我不知道这对您是否重要，但请记住，guid是全局惟一的，但guid的子字符串不是。

很安全:

一个人被陨石击中的年风险是 估计是170亿分之一的几率，也就是说 概率约为0.00000000006 (6 × 10−11)，相当于几率 在一年内创造出几十万亿uuid，并拥有一个uuid 复制。换句话说，只有在每次生成10亿个uuid之后 第二，在接下来的100年里，只创造一个的概率 重复率约为50%。

警告:

However, these probabilities only hold when the UUIDs are generated using sufficient entropy. Otherwise, the probability of duplicates could be significantly higher, since the statistical dispersion might be lower. Where unique identifiers are required for distributed applications, so that UUIDs do not clash even when data from many devices is merged, the randomness of the seeds and generators used on every device must be reliable for the life of the application. Where this is not feasible, RFC4122 recommends using a namespace variant instead.

来源:维基百科关于通用唯一标识符的文章的随机UUID重复概率部分(链接指向2016年12月的修订版，在编辑重新编辑该部分之前)。

另请参阅同一篇通用唯一标识符文章中关于同一主题的当前部分，碰撞。

摘自维基百科:

因此，任何人都可以创建UUID并使用 用它来表示某物 合理相信 标识符永远不会是 无意中被某人用于 其他东西

它还非常详细地解释了它的安全性。所以回答你的问题:是的，它足够安全。

我同意其他的答案。uuid对于几乎所有的实际用途都是足够安全的，当然对你来说也是如此。

但假设(假设)它们不是。

是否有更好的系统或某种类型的模式来缓解这个问题?

这里有一些方法:

Use a bigger UUID. For instance, instead of a 128 random bits, use 256 or 512 or ... Each bit you add to a type-4 style UUID will reduce the probability of a collision by a half, assuming that you have a reliable source of entropy2. Build a centralized or distributed service that generates UUIDs and records each and every one it has ever issued. Each time it generates a new one, it checks that the UUID has never been issued before. Such a service would be technically straight-forward to implement (I think) if we assumed that the people running the service were absolutely trustworthy, incorruptible, etcetera. Unfortunately, they aren't ... especially when there is the possibility of governments' security organizations interfering. So, this approach is probably impractical, and may be3 impossible in the real world.

1 - If uniqueness of UUIDs determined whether nuclear missiles got launched at your country's capital city, a lot of your fellow citizens would not be convinced by "the probability is extremely low". Hence my "nearly all" qualification. 2 - And here's a philosophical question for you. Is anything ever truly random? How would we know if it wasn't? Is the universe as we know it a simulation? Is there a God who might conceivably "tweak" the laws of physics to alter an outcome? 3 - If anyone knows of any research papers on this problem, please comment.