UUID v3 Generator
UUID v3 is deterministic: the same namespace + name always returns the same UUID. Pick a namespace below and type a name.
Show all 0
How v3 works
The 16-byte namespace is concatenated with the UTF-8 bytes of the name, fed through MD5, and then a few bits are overwritten to mark the result as version 3, variant RFC 4122. The resulting 128 bits are presented in the standard 8-4-4-4-12 hex format.
The standard namespaces
| Namespace | UUID |
|---|---|
| DNS | 6ba7b810-9d1d-11d1-80b4-00c04fd430c8 |
| URL | 6ba7b811-9d1d-11d1-80b4-00c04fd430c8 |
| OID | 6ba7b812-9d1d-11d1-80b4-00c04fd430c8 |
| X.500 | 6ba7b814-9d1d-11d1-80b4-00c04fd430c8 |
Custom namespaces
For internal use, generate one v4 UUID, hard-code it as your namespace, and use it forever. That gives you a unique ID space for your project without colliding with anyone else's.
v3 in code
// JavaScript / TypeScript
import { v3 } from "uuid";
const NS = "6ba7b811-9d1d-11d1-80b4-00c04fd430c8"; // URL ns
v3("https://example.com/users/42", NS);
// Python
import uuid
uuid.uuid3(uuid.NAMESPACE_URL, "https://example.com/users/42")
// Go
import "github.com/google/uuid"
uuid.NewMD5(uuid.NameSpaceURL, []byte("https://example.com/users/42"))v3 vs v5 — pick v5 for new code
The only difference between v3 and v5 is the hash function: v3 uses MD5, v5 uses SHA-1. They're otherwise identical in shape and use case. SHA-1 is faster on modern CPUs and has fewer known weaknesses than MD5, so for any new project, prefer v5.
Only choose v3 when you need byte-for-byte compatibility with an existing system that already generates v3 UUIDs. The values are not interchangeable.
Real-world use cases
- Legacy system interop. If a partner system was built before SHA-1 was widely available and uses v3 throughout, you may need to match.
- Deduplication of imported records. Hash a stable identity (lowercase email, normalized URL) into a v3 UUID and use it as the primary key. The same input from two different services produces the same UUID.
- Test fixture stability. v3-derived UUIDs make snapshot tests deterministic — same fixture name → same UUID across runs.
Common pitfalls
- Don't use v3 with adversarial inputs. MD5 has practical collision attacks. If a user controls the name and a collision could be exploited (e.g. account takeover via a forged duplicate UUID), use v4 instead.
- UTF-8 encoding only. The hash is over the UTF-8 byte representation of the name. Mixed-encoding inputs (UTF-16 LE in C# code, UTF-8 in JavaScript) produce different UUIDs for the same logical string.
- Don't normalize twice. If your name has been lowercased + trimmed somewhere upstream, don't do it again — the second normalization is a no-op, but it's worth confirming. Inconsistent normalization is the most common bug with deterministic UUIDs.
FAQ
What is a namespace UUID?
UUID v3 hashes a namespace UUID together with a name string using MD5. The same namespace + name always produces the same UUID. Standard namespaces are predefined for DNS, URL, OID, and X.500 names; you can also use any UUID you choose as your own namespace.
v3 vs v5 — which should I pick?
v3 uses MD5; v5 uses SHA-1. Both are deterministic. Prefer v5 for new code unless you need byte-for-byte compatibility with an existing v3 system. SHA-1 is not collision-resistant for adversarial inputs, but it's strictly better than MD5 for this purpose.
Is UUID v3 cryptographically secure?
No — and it's not meant to be. v3 is a deterministic identifier, not a security primitive. Don't use it as a token or hash for sensitive data.
What's a real use case?
Generating stable IDs for entities derived from a stable input — e.g. one UUID per Git commit hash, per (tenant, slug) pair, or per email-as-username. Same input → same UUID, no need to store a mapping.