
Autoincrement considered harmful - duck
http://joshua.schachter.org/2007/01/autoincrement.html
======
rst
The argument is really against using the values of an autoincrement column in
mysql as externally visible identifiers --- the problem being that they're
easily guessable. I'm not sure I completely buy it --- if someone who isn't
allowed to see /stockportfolio/4239 can get a look at it just by asking for
it, you're probably missing some access checks someplace. (And likewise for
asking for objects with numerically sequential ID's in bunches.)

And one advantage of numerical IDs is that they tend to be shorter than hashes
or UUIDs, which can make them easier for humans to cope with.

