Security News
CVE Volume Surges Past 48,000 in 2025 as WordPress Plugin Ecosystem Drives Growth
CVE disclosures hit a record 48,185 in 2025, driven largely by vulnerabilities in third-party WordPress plugins.
By Sarah Gooding - Jan 09, 2026
hexoid
A tiny (190B) and extremely fast utility to generate random IDs of fixed length
hexoid 
A tiny (190B) and extremely fast utility to generate random IDs of fixed length
Hexadecimal object IDs. Available for Node.js and the browser.
Generate randomized output strings of fixed length using lowercased hexadecimal pairs.
Notice: Please note that this is not a cryptographically secure (CSPRNG) generator.
Additionally, this module is delivered as:
- CommonJS:
dist/index.js - ES Module:
dist/index.mjs
Install
$ npm install --save hexoid
Usage
import { hexoid } from 'hexoid';
const toID = hexoid();
// length = 16 (default)
toID(); //=> '52032fedb951da00'
toID(); //=> '52032fedb951da01'
toID(); //=> '52032fedb951da02'
// customize length
hexoid(25)(); //=> '065359875047c63a037200e00'
hexoid(32)(); //=> 'ca8e4aec7f139d94fcab9cab2eb89f00'
hexoid(48)(); //=> 'c19a4deb5cdeca68534930e67bd0a2f4ed45988724d8d200'
API
hexoid(length?)
Returns: () => string
Creates the function that will generate strings.
length
Type: Number
Default: 16
Then length of the output string.
Important: Your risk of collisions decreases with longer strings!
Please be aware of the Birthday Problem! You may need more combinations than you'd expect.
The maximum combinations are known given the following formula:
const combos = 256 ** (len/2);
Benchmarks
Running on Node.js v10.13.0
Validation (length = 16):
✔ hashids/fixed (example: "LkQWjnegYbwZ1p0G")
✔ nanoid/non-secure (example: "sLlVL5X3M5k2fo58")
✔ uid (example: "3d0ckwcnjiuu91hj")
✔ hexoid (example: "de96b62e663ef300")
Benchmark (length = 16):
hashids/fixed x 349,462 ops/sec ±0.28% (93 runs sampled)
nanoid/non-secure x 3,337,573 ops/sec ±0.28% (96 runs sampled)
uid x 3,553,482 ops/sec ±0.51% (90 runs sampled)
hexoid x 81,081,364 ops/sec ±0.18% (96 runs sampled)
Validation (length = 25):
✔ cuid (example: "ck7lj5hbf00000v7c9gox6yfh")
✔ hashids/fixed (example: "r9JOyLkQWjnegYbwZ1p0GDXNm")
✔ nanoid/non-secure (example: "hI202PVPJQRNrP6o6z4pXz4m0")
✔ uid (example: "9904e9w130buxaw7n8358mn2f")
✔ hexoid (example: "01dfab2c14e37768eb7605a00")
Benchmark (length = 25):
cuid x 161,636 ops/sec ±1.36% (89 runs sampled)
hashids/fixed x 335,439 ops/sec ±2.40% (94 runs sampled)
nanoid/non-secure x 2,254,073 ops/sec ±0.23% (96 runs sampled)
uid x 2,483,275 ops/sec ±0.38% (95 runs sampled)
hexoid x 75,715,843 ops/sec ±0.27% (95 runs sampled)
Validation (length = 36):
✔ uuid/v1 (example: "c3dc1ed0-629a-11ea-8bfb-8ffc49585f54")
✔ uuid/v4 (example: "8c89f0ca-f01e-4c84-bd71-e645bab84552")
✔ hashids/fixed (example: "EVq3Pr9JOyLkQWjnegYbwZ1p0GDXNmRBlAxg")
✔ @lukeed/uuid (example: "069ad676-48f9-4452-b11d-f20c3872dc1f")
✔ nanoid/non-secure (example: "jAZjrcDmHH6P1rT9EFdCdHUpF440SjAKwb2A")
✔ uid (example: "5mhi30lgy5d0glmuy81llelbzdko518ow1sx")
✔ hexoid (example: "615209331f0b4630acf69999ccfc95a23200")
Benchmark (length = 36):
uuid/v1 x 1,487,947 ops/sec ±0.18% (98 runs sampled)
uuid/v4 x 334,868 ops/sec ±1.08% (90 runs sampled)
@lukeed/uuid x 6,352,445 ops/sec ±0.27% (91 runs sampled)
hashids/fixed x 322,914 ops/sec ±0.27% (93 runs sampled)
nanoid/non-secure x 1,592,708 ops/sec ±0.25% (91 runs sampled)
uid x 1,789,492 ops/sec ±0.29% (92 runs sampled)
hexoid x 71,746,692 ops/sec ±0.29% (93 runs sampled)
Related
- uid - A smaller (134B) but slower variant of this module with a different API
- @lukeed/uuid - A tiny (230B), fast, and cryptographically secure UUID (V4) generator for Node and the browser
License
MIT © Luke Edwards
Other packages similar to hexoid
uuid
The uuid package is a popular library for generating unique identifiers. Unlike hexoid, which generates hex strings, uuid can generate UUIDs (Universally Unique Identifiers) according to various versions (v1, v3, v4, v5). UUIDs are typically longer and follow a specific format, which includes hyphens and can be more recognizable as a standard ID format.
shortid
Shortid is another package that generates short, non-sequential, URL-friendly unique IDs. The main difference between shortid and hexoid is that shortid generates alphanumeric IDs that are shorter and more suited for URLs, whereas hexoid focuses on hex strings which are not necessarily URL-friendly but can be more compact.
nanoid
Nanoid is a tiny, secure, URL-friendly, unique string ID generator for JavaScript. It is similar to hexoid in terms of providing a simple API for generating unique IDs, but it offers a customizable alphabet and size, which allows for a wider range of possible IDs beyond just hexadecimal characters.
FAQs
A tiny (190B) and extremely fast utility to generate random IDs of fixed length
The npm package hexoid receives a total of 2,117,521 weekly downloads. As such, hexoid popularity was classified as popular.
We found that hexoid demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 12 Oct 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Insecure Agents Podcast: Certified Patches, Supply Chain Security, and AI Agents
Socket CEO Feross Aboukhadijeh joins Insecure Agents to discuss CVE remediation and why supply chain attacks require a different security approach.
By Sarah Gooding - Jan 08, 2026
Security News
Tailwind CSS Announces 75% Layoffs as LLMs Reshape OSS Business Models
Tailwind Labs laid off 75% of its engineering team after revenue dropped 80%, as LLMs redirect traffic away from documentation where developers discover paid products.
By Sarah Gooding - Jan 08, 2026