Cloud storage providers allow users to store content items in an online user account that can be accessed from any computing device with a network connection. In order to identify these content items for retrieval, a cloud storage provider, such as a content management system, may assign a unique identifier to each content item. In some instances, the identifiers can be assigned by the client device when the client device is disconnected from or currently not in communication with the content management system. Such a situation can often arise when a user is traveling, for example, and there are no available networks (e.g., cellular, cable, wireless, etc.). When an identifier is assigned to a content item associated with a user account while the client device is not in communication with the content management system (i.e., before the content item can synchronize with the content management system), it is possible that a malicious user could obtain the identifier, such as by predicting or intercepting this identifier, and subsequently have this identifier assigned to a potentially harmful content item. Accordingly, as people are increasingly relying on computing devices in a wider variety of ways, it can be advantageous to adapt the ways in which identifiers are assigned to content items to protect users from malicious intrusions.