Re incrementing ids being a security risk, I'm not sure I agree - perhaps in certain circumstances, but in most cases, the authorisation for a resource is the important restriction, the identifier for the resource is arbitrary and doesn't really matter. It's only if you have sloppy authorisation that a user can then exploit incrementing ids to walk the space of resources and access them, and typically identifiers and urls are not well protected, so your url with your obscure id is just as likely to be found in email or shared and then exploited than one with an incremental id. The moonpig bug linked is an example of this - they had no authorisation in place, so random keys wouldn't have helped them, just made it harder to exploit.