Using Random Longer Non-Sequential IDs

johnk · February 13, 2006, 12:17am

Instead of using sequential integers for IDs for my objects I was
wondering if I could easily make it so that my IDs where longer auto-
generated random strings/integers.

So instead of:
http://www.mydomain.com/user/view/1

Would be:

http://www.mydomain.com/user/view/d81096b87a7c5565f

On top of that… is there big benefits for security reasons to use
non-sequential numbers? Is it worth it?

Thanks

John K.
http://www.kopanas.com

=====================================================================
http://www.soen.info - source of the freshest software engineering
information on the net
http://cusec.soen.info - software engineering conference

johnk · February 13, 2006, 12:42am

On Feb 12, 2006, at 3:17 PM, John K. wrote:

On top of that… is there big benefits for security reasons to use
non-sequential numbers? Is it worth it?

No, security through obscurity will just give you a false sense of
security.

–
– Tom M.

johnk · February 13, 2006, 1:23am

On Sunday, February 12, 2006, at 6:17 PM, John K. wrote:

http://www.soen.info - source of the freshest software engineering
information on the net
http://cusec.soen.info - software engineering conference

Rails mailing list
[email protected]
http://lists.rubyonrails.org/mailman/listinfo/rails

You can add an extra column to your table and generate random unique id
(unique secondary key). We used this approach to display order pages on

Best Regards, Roustem.