Various embodiments of the present technology involve creating a secure unique identifier for a content item to be used in a synchronized content management system while off-line with the synchronized content management system. In some embodiments, securing the unique identifier involves generating a random key and applying a hash function to an input to generate a hash. The synchronized content management system can require a user to send both the secure identifier and the key to the content management system in order to register the content item with the content management system. Accordingly, a malicious user who only has access to the secure identifier cannot use it to identify the key. This prevents a malicious user who has obtained the secure identifier, but does not have access to the key from registering a malicious document using the original user's secure identifier.