Hi, I have sent 10000 mails to our customers and each mail had a link of the format http://example.com/LogIn?key={guid}

Unfortunately the GUIDs I sent were random GUIDs (test data generated by Guid.NewGuid()), so the customers have all received invalid links...

Based on the 404s I receive from the webserver, I have a few GUIDs that I sent out. I have read that the GUID generator in Windows is weak, so you can predict the next GUID from one you already have. Does anyone know how? If I could do that, I could make the GUIDs I sent out valid so the links would work again.

A: 

Part of a GUID is the current date/time. If you happen to receive two of them sequentially, then you can tell how fast they are being created and therefore predict the sequence with strong confidence.

jm04469
Only if they are type 1 GUIDs.
+1  A: 

There are several different types of GUIDs. Type 1 uses a host ID - usually a MAC address - a sequence number, and the current date and time. Type 4 is entirely random. If it's a type 1 UUID, you can probably figure out a fairly restricted set of likely UUIDs, but even so, you're not going to be able to generate a single sequence of UUIDs, so you won't be able to pin down a specific UUID to a specific user.

Nick Johnson
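
The type 1 versus type 4 distinction drawn in the answers above can be read straight from a GUID's version field, which is a quick way to check what a batch of link tokens actually exposes. The Python sketch below is an added example, not code from any poster in this thread; the function names and the version 4 sample are constructed for illustration, and the version 1 sample is the standard DNS namespace UUID.

```python
import uuid
from collections import Counter
from datetime import datetime, timedelta, timezone

# Version 1 timestamps count 100 ns ticks from the start of the Gregorian calendar.
GREGORIAN_EPOCH = datetime(1582, 10, 15, tzinfo=timezone.utc)

V1_SAMPLE = str(uuid.NAMESPACE_DNS)                     # well-known version 1 UUID
V4_SAMPLE = "{3F2B8C1E-9A47-4D6B-8E21-5C0A7F9D1B34}"    # constructed, braces as .NET prints them

def inspect_guid(text):
    """Return the fields a GUID string exposes, or None if it does not parse."""
    try:
        g = uuid.UUID(text.strip())   # accepts braces, upper case, missing hyphens
    except (ValueError, AttributeError):
        return None
    # g.version is None unless the variant bits mark an RFC 4122 layout.
    info = {"guid": str(g), "version": g.version}
    if g.version == 1:
        # Time-based: creation time and host MAC are readable from the value.
        info["created"] = GREGORIAN_EPOCH + timedelta(microseconds=g.time // 10)
        info["node"] = ":".join(f"{b:02x}" for b in g.node.to_bytes(6, "big"))
        info["clock_seq"] = g.clock_seq
    elif g.version == 4:
        # 122 of 128 bits come from the generator. The layout says nothing about
        # how strong that generator is; that depends on the platform.
        info["random_bits"] = 122
    return info

def audit_tokens(tokens):
    """Summarise a batch of link tokens: counts per version, time-based ones listed."""
    parsed = [(t, inspect_guid(t)) for t in tokens]
    counts = Counter("invalid" if i is None else f"v{i['version']}" for _, i in parsed)
    time_based = [i["guid"] for _, i in parsed if i and i["version"] == 1]
    return {"counts": dict(counts), "time_based": time_based}

if __name__ == "__main__":
    for sample in (V1_SAMPLE, V4_SAMPLE, "not-a-guid"):
        print(sample, "->", inspect_guid(sample))
    print(audit_tokens([V1_SAMPLE, V4_SAMPLE, "not-a-guid"]))
```
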
+3  A: 

The way Windows has generated GUIDs has changed several times, and lots of seemingly reliable advice on the internet is completely wrong (maybe just out of date, maybe always completely wrong).

The last time I looked into this (a few years ago, probably XP SP2), I stepped right down into the OS code to see what was actually happening, and it was generating a random number with the secure random number generator.

I doubt you'll have much luck predicting one GUID from another if you generated them in the default way.

Will Dean
A: 

Predicting the next GUID would be unreliable even if you could do it, but more than likely it is completely impossible with the resources at your disposal.

Your best bet here is to simply add a manual redirect from any non-matching GUID to a generic page that either explains what went wrong or just programmatically figures out where they should have ended up and sends them there.

Bob Aman