# Cryptographically Weak Random Number Generation

- ID: python-weak-random
- Severity: MEDIUM
- CWE: Weak PRNG (CWE-338)
- Languages: Python

## Description

Detects use of the `random` module for security-sensitive operations like tokens, passwords, or cryptographic keys. The `random` module is not cryptographically secure. Use the `secrets` module instead.

## Remediation

Use the `secrets` module instead of `random` for security-sensitive operations.

```python
import secrets

token = secrets.token_hex(32)
api_key = secrets.token_urlsafe(32)

# For passwords:
import string

alphabet = string.ascii_letters + string.digits
password = ''.join(secrets.choice(alphabet) for _ in range(12))
```

Learn more: https://shoulder.dev/learn/python/cwe-338/weak-random

## Related Rules

- **Weak Random Number Generation for Security** [HIGH]:
- **Weak Random Number Generation in Security Context** [HIGH]:
- **Insecure Random Number Generation** [MEDIUM]:
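
To illustrate the kind of check the Description refers to, here is an added example (not the rule's actual implementation) that walks a Python AST and reports security-named variables assigned from `random` calls. The `SENSITIVE` name list, the function names and the sample source are assumptions made for this sketch.

```python
import ast

# Assumption: name fragments treated as security-sensitive (heuristic, tune per code base).
SENSITIVE = ("token", "password", "passwd", "secret", "key", "nonce", "salt", "otp")

def _random_aliases(tree):
    """Names bound by imports to the random module or to its non-CSPRNG functions."""
    modules, funcs = set(), set()
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            modules.update(a.asname or a.name for a in node.names if a.name == "random")
        elif isinstance(node, ast.ImportFrom) and node.module == "random":
            # random.SystemRandom is backed by os.urandom, so it is not weak.
            funcs.update(a.asname or a.name for a in node.names if a.name != "SystemRandom")
    return modules, funcs

def _is_weak_call(node, modules, funcs):
    if not isinstance(node, ast.Call):
        return False
    f = node.func
    if isinstance(f, ast.Attribute) and isinstance(f.value, ast.Name):
        return f.value.id in modules and f.attr != "SystemRandom"
    return isinstance(f, ast.Name) and f.id in funcs

def find_weak_random(source):
    """Return sorted (line, name) pairs where a sensitive name is assigned from random.*."""
    tree = ast.parse(source)
    modules, funcs = _random_aliases(tree)
    findings = []
    for node in (n for n in ast.walk(tree) if isinstance(n, ast.Assign)):
        names = [t.id for t in node.targets if isinstance(t, ast.Name)]
        hits = [n for n in names if any(s in n.lower() for s in SENSITIVE)]
        if hits and any(_is_weak_call(c, modules, funcs) for c in ast.walk(node.value)):
            findings.extend((node.lineno, n) for n in hits)
    return sorted(findings)

# Constructed sample input, not taken from any real project.
SAMPLE = '''\
import random as rnd, secrets, string
from random import choice
session_token = "%032x" % rnd.getrandbits(128)
password = "".join(choice(string.ascii_letters) for _ in range(12))
dice_roll = rnd.randint(1, 6)
reset_token = secrets.token_urlsafe(32)
otp_secret = rnd.SystemRandom().getrandbits(64)
'''

if __name__ == "__main__":
    print(find_weak_random(SAMPLE))
```

The sketch only follows direct assignments to plain names, so values passed through helper functions or stored on attributes are outside what it reports.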