NanoID Generator

NanoID is a compact, URL-safe, collision-resistant ID format — a popular modern alternative to UUIDs. This generator produces real NanoIDs using your browser's cryptographically secure random source, with adjustable length and alphabet, and shows the collision odds for the settings you choose.

ID length How many Preset alphabet

Alphabet

How to use the NanoID Generator

Set the ID length, how many you want, and either pick a preset alphabet or type your own in the Alphabet box. Click Generate to produce a fresh batch — one ID per line — and Copy all to copy the whole list. Changing a preset fills the alphabet field for you, and you can edit it afterwards to add or remove characters.

The default settings reproduce a standard NanoID: 21 characters from a 64-symbol URL-safe alphabet (letters, digits, underscore, and hyphen). The No look-alikes preset drops easily confused characters like 0/O and 1/l/I, which is useful for IDs people might read aloud or type by hand. The line under the buttons shows the collision probability for your current length and alphabet, so you can judge whether the IDs are unique enough for your scale.

Randomness comes from crypto.getRandomValues, the browser's cryptographically secure generator, and an unbiased sampling step ensures every character is equally likely. Generation is entirely local — no IDs are transmitted or logged.

NanoID versus UUID

NanoID and UUID v4 solve the same problem — generate an identifier unique enough that you never have to coordinate with a central authority — but make different trade-offs. A UUID v4 is 36 characters with hyphens and draws from a fixed hexadecimal format. A default NanoID is 21 characters from a larger 64-symbol alphabet, so it packs comparable randomness (about 126 bits) into far fewer characters. Shorter IDs mean smaller URLs, less storage, and tidier logs, which is why NanoID has become popular in modern web stacks.

The URL-safe alphabet is the other practical win. NanoID's default characters — A–Z, a–z, 0–9, plus _ and - — all pass through URLs, filenames, and HTML attributes without escaping. UUIDs are also URL-safe, but their rigid format wastes characters on hyphens and a restricted hex range. With NanoID you can also shrink or grow the alphabet: shorten it for human-friendly codes, or keep it large to minimize length.

Security and uniqueness come from the random source, not the format. A good NanoID generator must use a cryptographically secure RNG and avoid modulo bias — the subtle mistake of mapping random bytes onto an alphabet unevenly, which makes some characters more likely and weakens the ID. This tool uses the same masked rejection-sampling approach as the official NanoID library, so every position is uniformly distributed. The collision estimate shown reflects the birthday-paradox math: with 21 default characters you can generate roughly a billion IDs per hour for years before a 1% collision chance.

Common use cases

Database primary keys. Use short, URL-safe IDs instead of long UUIDs for records, sessions, or documents.
Public-facing slugs. Generate unguessable IDs for share links, invites, or short URLs.
Human-readable codes. Switch to the no-look-alikes alphabet for codes people will read or type.
Seeding and testing. Produce a batch of unique identifiers for fixtures, load tests, or sample data.

Frequently asked questions

Are these IDs cryptographically secure?

Yes. They use crypto.getRandomValues, the browser's CSPRNG, with unbiased sampling so every character is equally likely. They are suitable for unguessable tokens.

How long should my NanoID be?

The 21-character default gives about 126 bits of randomness — effectively never collides at web scale. Shorten it only for low-volume or human-typed codes, and watch the collision estimate shown.

Can I use my own alphabet?

Yes. Type any set of characters in the Alphabet box. Duplicate characters are removed automatically, and the collision math updates for the alphabet size you choose.

How is NanoID different from UUID?

NanoID is shorter (21 vs 36 characters) and uses a larger, customizable URL-safe alphabet, while delivering comparable uniqueness. Both avoid central coordination.