I recently had a debate with someone whose current job position is "security architect" (my own background is in crypto and security, but I don't work with it today) who didn't like our choice of 128 bit UUIDs as authentication tokens in URLs. He believed we should add a unique string for our specific service in front of the UUID, to lessen the risk for clashes with other services.
Oh derp, I just rolled my eyes out of my head. 
The UU in UUID stands for Universally Unique. And it is unique, unless some bonehead doesn't use any entropy.
"Security Architect" indeed.