VMess relies on system time. Please ensure that the UTC time of your system, when using Xray, has an error within 90 seconds, regardless of the time zone. On Linux systems, you can install the `ntp` service to automatically synchronize the system time.
Custom strings and their corresponding UUIDs are equivalent. This means that you can use either a custom string or its corresponding UUID to identify the same user in the configuration file. For example:
The mapping standard is described in the [VLESS UUID Mapping Standard: Mapping a Custom String to a UUIDv5](https://github.com/XTLS/Xray-core/issues/158).
You can use the command `xray uuid -i "custom string"` to generate the UUID corresponding to a custom string, or use the command `xray uuid` to generate a random UUID.
To further prevent detection, a user can generate additional IDs in addition to the main ID. Here, you only need to specify the number of additional IDs. The recommended value is 0, which means VMessAEAD is enabled. The maximum value is 65535. This value cannot exceed the value specified on the server side.
::: tip Setting the client's AlterID to 0 enables VMessAEAD. The server automatically adapts and can simultaneously be compatible with clients that have enabled or disabled VMessAEAD. The client can forcefully disable VMessAEAD by setting the environment variable `Xray_VMESS_AEAD_DISABLED=true`. :::
The encryption method. The client will use the configured encryption method to send data, and the server will automatically recognize it without the need for configuration.
-`"chacha20-poly1305"`: Recommended for use on mobile devices.
-`"auto"`: Default value. Automatically selects the encryption method (uses aes-128-gcm when running on AMD64, ARM64, or s390x architecture, and Chacha20-Poly1305 in other cases).
-`"none"`: No encryption.
-`"zero"`: No encryption and no message authentication (v1.4.0+).
The `"none"` pseudo-encryption method calculates and verifies the packet's checksum. However, due to the lack of hardware support for the authentication algorithm, it may be slower than the hardware-accelerated `"aes-128-gcm"` on some platforms.
The `"zero"` pseudo-encryption method neither encrypts the message nor calculates the checksum, theoretically providing higher speed than any other encryption method. The actual speed may be influenced by other factors.
It is not recommended to use the `"none"` or `"zero"` pseudo-encryption methods without enabling TLS encryption and forcibly verifying certificates. If you use a CDN or other intermediate platforms or network environments that decrypt TLS connections, it is not recommended to use the `"none"` or `"zero"` pseudo-encryption methods.