# Insecure Random Number Generation

- ID: python-insecure-randomness
- Severity: MEDIUM
- CWE: Weak PRNG (CWE-338)
- Languages: Python

## Description

Detects use of insecure random number generators (`random` module) for security-critical operations. Use the `secrets` module or `os.urandom()` for cryptographic randomness (tokens, passwords, keys, nonces).

## Remediation

Use the `secrets` module for tokens, passwords, and security-sensitive operations.

```python
import secrets

# Generate secure token
token = secrets.token_urlsafe(32)

# Generate secure hex token
reset_token = secrets.token_hex(32)

# Generate secure bytes for keys/salt
key = secrets.token_bytes(32)
```

Learn more: https://shoulder.dev/learn/python/cwe-338/insecure-randomness

## Related Rules

- **Weak Random Number Generation for Security** [HIGH]
- **Weak Random Number Generation in Security Context** [HIGH]
- **Cryptographically Weak Random Number Generation** [MEDIUM]
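
The kind of check described under Description, as an added example (not this rule's actual implementation and not code from the original page): an `ast`-based scan that flags calls into the `random` module whose result is assigned to a security-sensitive name. The `SENSITIVE` name fragments, the function name `find_insecure_randomness` and the `SAMPLE` source are assumptions constructed for illustration.

```python
import ast  # ast.unparse() needs Python 3.9+

# Assumption: these name fragments mark a security-sensitive value.
SENSITIVE = ("token", "password", "secret", "key", "nonce", "salt", "otp")

# Constructed sample input; it is parsed, never executed.
SAMPLE = '''\
import random
import secrets
from random import choice as pick

session_token = "".join(random.choice("abcdef0123456789") for _ in range(32))
api_key = secrets.token_hex(32)
reset_password = "".join(pick("abcdefgh") for _ in range(12))
retry_delay = random.uniform(0.5, 2.0)
csrf_nonce = random.SystemRandom().getrandbits(128)
'''


def find_insecure_randomness(source):
    """Return sorted (line, target, call) for random-module calls assigned to sensitive names."""
    tree = ast.parse(source)
    modules, functions = set(), set()  # local names bound to random / its functions
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            modules.update(a.asname or a.name for a in node.names if a.name == "random")
        elif isinstance(node, ast.ImportFrom) and node.module == "random":
            # SystemRandom is backed by os.urandom(), so it is not a finding.
            functions.update(a.asname or a.name for a in node.names if a.name != "SystemRandom")

    def is_weak_call(call):
        f = call.func
        if isinstance(f, ast.Attribute) and isinstance(f.value, ast.Name):
            return f.value.id in modules and f.attr != "SystemRandom"
        return isinstance(f, ast.Name) and f.id in functions

    findings = []
    for node in ast.walk(tree):
        if not isinstance(node, (ast.Assign, ast.AnnAssign)) or node.value is None:
            continue
        targets = node.targets if isinstance(node, ast.Assign) else [node.target]
        names = [n.id if isinstance(n, ast.Name) else n.attr for t in targets
                 for n in ast.walk(t) if isinstance(n, (ast.Name, ast.Attribute))]
        hit = next((n for n in names if any(s in n.lower() for s in SENSITIVE)), None)
        for sub in (ast.walk(node.value) if hit else []):
            if isinstance(sub, ast.Call) and is_weak_call(sub):
                findings.append((sub.lineno, hit, ast.unparse(sub.func)))
    return sorted(findings)

print(find_insecure_randomness(SAMPLE))
```

The name-based heuristic keeps non-security uses such as `retry_delay` out of the findings, at the cost of missing sensitive values stored under neutral names.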