Guide

Random passwords, hex, and UUIDs: pick the right generator

Maps human passwords, random hex strings for tests and scripts, and UUID identifiers to the correct salamyx.com tools and common misuse patterns.

All guides Full catalog

Random passwords: human secrets for accounts

Use the random password generator when you need a new credential for a human login. Optimize for length, character diversity, and uniqueness per site.

Store generated passwords in a password manager. Screenshots, chat logs, and email are poor vaults.

Random hex: strong strings for tests and scripts

Random hex is convenient when you need raw bytes represented as text—examples include test vectors, nonces in documentation, or synthetic identifiers for fixtures.

Hex is not a password policy by itself: think about how the value will be transmitted and stored after generation.

UUIDs: identifiers, not authorization

UUID v4 values are great for database keys, request correlation, and filenames. They are not automatically “secure because they look random.”

Session tokens and API keys need threat modeling: transport, storage, rotation, and scope—not just entropy.

How this maps to salamyx.com pages

Passwords and hex live primarily under Crypto tools; UUID generation lives under Developers. When you are unsure, start from the task: human login vs machine artifact vs stable ID.

Open tools

Random password

Configurable generator.

Random hex

Strong hex strings in-browser.

UUID

RFC 4122 v4 generator.

Hash comparison

How common hash algorithms compare (educational).

FAQ

Should I use UUID v4 instead of a password?

No. UUIDs are for identifiers. Passwords need memorability constraints and manager workflows; use the password generator for logins.

Is random hex the same as a hash?

No. Hex output here is random generation. Hashing is deterministic: same input, same output, designed for fingerprints.

Can I use random hex as an API key?

Length and entropy might be fine, but key lifecycle (rotation, revocation, scope) is decided by your API gateway and policy—not by the generator label.

When do I pick UUID over incremental integers?

When you want opaque, collision-resistant IDs without a central allocator or when merging datasets across systems.

Are browser generators safe for production secrets?

They are convenient for development and personal workflows. Production systems should source secrets from audited components and HSM/KMS where required.