Loading...

Posts in category tech

Using Auto-Generated unique IDs

Auto-generated IDs are everywhere - as developers we use them all the time, and as users we see them in all kinds of contexts.

We do of course need them, but sometimes a lazy developer and/or a too security-confused project manager just takes this too far - putting mindless numbers in e-mails, on invoices or elsewhere exposed to the user that are frankly, out of this world.

I'm renewing our Microsoft Partnership, and needed to update some references. Microsoft sends mail between us and the customer, and includes a reference ID in the e-mail subject for our convenience - to make sure we do not confuse this reference with another no doubt. Here is top of the e-mail header with subject containing ID:

From:     partnote@microsoft.com
Subject:  Microsoft Partner Program Customer Reference Approved {0x006CEA0712C0BB99F4937CC30A0D9BD001000000F3FFA1F91C86A2365D973DE659A2D50F5407A462DAE9D665EF298C08DDDE05727D8F72484BED402D57EE2FAB181CB5FF}
Date:     5. mars 2008 12.02.31 GMT+01:00
To:       simon@....
....

When I was a kid I learned that a 1 (one) with 80 zeros behind it is an approximation of the number of atoms in the known universe. To save you all from counting, the Microsoft ID is 136 Hex digits. That is many, many orders of magnitude larger. Beyond comprehension.

Needed for the e-mail subject to avoid confusion - and of course, very handy to have if we for some reason need to call Microsoft partner support if we have any problems getting the reference registered or approved. Just mention the number.

I see similar examples all the time, and as I'm also paying all the company bills the use of KID on Norwegian invoices is another more of less daily fruststration. For readers that don't know the term, it is a handy reference for matching a payment to a given invoice and/or customer account for electronic payments. A good and noble idea used without concern for the user having to punch it back in when paying.

KIDs can be quite short - perhaps 5-7 numbers referencing our customer account or a specific invoice. Superb use, and this makes sense - I would need to punch some reference anyway, and that should be the minimum required to make a match in the other end.

Most of the time, however, they get generated as a combination of many factors totally un-needed: Perhaps the digit is composed of:

  • Invoice number
  • Customer number
  • Department ID
  • Internal references
  • Padding with zeros

All in all, perhaps a nice 25-30 digit number for me to punch. Mindless.