When a session ID is created, the ID usually isn’t checked for uniqueness. Verifying uniqueness is a big overhead when dealing with billions of records.
I was wondering what length of a random session ID string should be enough to rely on for uniqueness in a production service, as big as Gmail for example.
Any other suggestions to maintain a proper session uniqueness will be welcome.
Thanks,
Roy.
If you have a fairly good random number generator, a random 128-bit ID (such as a GUID) should always be unique in practice. (Mathematically speaking, there’s a tiny, tiny chance that there will be duplicates, but trust me, it’s not going to happen. The universe will collapse in a giant black hole before there will be a duplicate GUID.)
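The estimate behind this answer, worked through as an added example that is not part of the original posts: the birthday bound gives the chance that any two of n uniformly random b-bit IDs collide, and inverting it gives the length needed for a target risk. The function names and the figure of 10^12 issued sessions are constructed for illustration, and the IDs are assumed to come from a CSPRNG (Python's `secrets` here).

```python
import math
import secrets

# A version-4 UUID/GUID fixes 6 of its 128 bits (version and variant),
# so it carries 122 random bits rather than 128.
UUID4_RANDOM_BITS = 122


def collision_probability(n_ids: int, bits: int) -> float:
    """Birthday bound: P(any collision) ~= 1 - exp(-n(n-1) / 2^(bits+1))."""
    exponent = -n_ids * (n_ids - 1) / 2.0 ** (bits + 1)
    # expm1 keeps precision when the probability is far below 1e-16.
    return -math.expm1(exponent)


def bits_needed(n_ids: int, max_probability: float) -> int:
    """Smallest ID length (in bits) keeping P(collision) <= max_probability."""
    pairs = n_ids * (n_ids - 1) / 2
    # Solve pairs / 2^b <= -ln(1 - p) for b.
    return max(1, math.ceil(math.log2(pairs / -math.log1p(-max_probability))))


def new_session_id(bits: int = 128) -> str:
    """URL-safe session ID with at least `bits` of entropy from the OS CSPRNG."""
    return secrets.token_urlsafe((bits + 7) // 8)


if __name__ == "__main__":
    n = 10**12  # constructed figure: sessions issued over the service lifetime
    for b in (64, UUID4_RANDOM_BITS, 128):
        print(f"{b:>3} bits, {n:.0e} IDs: P(collision) ~= "
              f"{collision_probability(n, b):.3e}")
    print("bits for P <= 1e-12:", bits_needed(n, 1e-12))
    print("sample ID:", new_session_id())
```

These numbers only hold if the generator is unpredictable and uniform; a session ID drawn from a non-cryptographic PRNG can collide, or be guessed, far sooner than the bound suggests.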