NanoID Generator

Generate NanoIDs with custom alphabet, size and bulk output

What is it and how does it work?

NanoID is a compact, URL-safe unique ID generator for JavaScript, created as a smaller and faster alternative to UUID. A default NanoID (21 characters from the alphabet `A-Za-z0-9_-`) has 126 bits of randomness — comparable to UUID v4's 122 bits but 31% shorter. The default alphabet of 64 characters was chosen so that the output is URL-safe without encoding, case-sensitive (increasing density), and collision-resistant: the probability of collision reaches 1% only after generating 15 quintillion IDs.

NanoID is ideal for: database record IDs that appear in URLs (short, URL-safe), session tokens, idempotency keys, and file names. It's not intended for cryptographic use cases (use a dedicated CSPRNG for that). This tool generates NanoIDs with configurable length and alphabet, and shows the collision probability calculation for your chosen parameters.

Common use cases

• URL-safe database IDs: use 21-character NanoIDs as primary keys in a database — they're shorter than UUIDs in URLs (`/posts/V1StGXR8_Z5jdHi6B-myT` vs `/posts/550e8400-e29b-41d4-a716-446655440000`) while maintaining uniqueness.
• Short codes: use a custom alphabet and shorter length (e.g., 10 characters from `0-9A-Z`) for invite codes, coupon codes, or short links — adjust length to your collision tolerance.
• Idempotency keys: generate a NanoID per API request to use as an idempotency key — resending the same request with the same key prevents duplicate operations on the server.

Frequently asked questions

What is the collision probability for NanoID?

The birthday problem formula: probability ≈ 1 - e^(-n²/(2A^L)) where n is number of IDs generated, A is alphabet size, L is ID length. For default NanoID (L=21, A=64): to reach 1% collision probability you need n ≈ √(2 × 64²¹ × ln(1/(1-0.01))) ≈ 15.4 quintillion (1.54 × 10¹⁹). For 1 million IDs per hour, that's 1.76 billion years. The nanoid.js website provides an interactive calculator.

What is the difference between NanoID and UUID?

UUID v4 is 128 bits, formatted as 8-4-4-4-12 hexadecimal groups with dashes: `550e8400-e29b-41d4-a716-446655440000` (36 characters). NanoID default is 21 characters, URL-safe, no dashes, case-sensitive. UUID is standardized (RFC 4122), natively supported by many databases and languages. NanoID has no standard — just the npm library. Choose UUID when interoperability matters; NanoID when brevity and URL-safety matter.

Is NanoID cryptographically secure?

NanoID uses `crypto.getRandomValues()` in browsers and `crypto.randomFillSync()` in Node.js — both are cryptographically secure random number generators (CSPRNGs). This means NanoID IDs are unpredictable even if an attacker has observed many previous IDs. However, NanoID is NOT a cryptographic primitive — it's an ID generator. For security tokens (password reset links, session tokens), NanoID is appropriate. For keys, signatures, or HMAC secrets, use dedicated crypto APIs.

What custom alphabets are useful for NanoID?

Common custom alphabets: numbers only `0123456789` (for numeric codes); uppercase alphanumeric `0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ` (for case-insensitive codes); URL-safe lowercase `abcdefghijklmnopqrstuvwxyz0123456789` (for readable slugs); readable without ambiguity `2346789abcdefghjkmnpqrtuvwxyz` (removes 0/O, 1/I/l, 5/S that look alike). Alphabet size A and length L together determine collision resistance — increasing either improves it.

Security

Password Strength Checker · ROT13 Cipher · Base32 Encoder / Decoder · Hex Encoder / Decoder · Caesar Cipher · Vigenère Cipher