[vore]

I've never been sure of the use case of hashids. They're not really a security measure since they can be easily defeated; you might as well just expose the sequential ID at that point. If you do need something with better properties, you should probably be using UUIDv6.

[junon]

> they can be easily defeated

How? I mean they're of course no cryptographic measure but with the salt you have some secrecy.

[paulgb]

If an attacker can generate sequential hashids, they can decipher the alphabet order that hashids use without needing to know the seed, and then use the seed to invert other hashids.

I wrote a library that generates short IDs with the goal of making the similarity between two codes have nothing to do with sequence order.

https://docs.rs/block-id/latest/block_id/