# Weak Password Reset Token

- ID: python-weak-reset-token
- Severity: HIGH
- CWE: Weak Password Recovery (CWE-640)
- Languages: Python
- Frameworks: django, flask, fastapi

## Description

Detects password reset tokens generated using weak or predictable methods, such as timestamps or non-cryptographic random number generators.

## Remediation

Use the `secrets` module for cryptographically secure token generation.

```python
import secrets

token = secrets.token_urlsafe(32)
```

Learn more: https://shoulder.dev/learn/python/cwe-640/weak-password-reset-token
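To illustrate the kind of check described above, here is an added example (not the rule's own implementation and not code from the original page): a small `ast`-based scan that flags token assignments built from timestamps or non-cryptographic randomness. The weak-source lists, the function names and the sample input are assumptions made for this sketch.

```python
import ast

# Assumed weak sources for this sketch: the `random` and `time` modules and
# uuid.uuid1() (derived from host ID and clock). Not the rule's own list.
WEAK_MODULES = {"random", "time"}
WEAK_CALLS = {"uuid.uuid1"}

# Constructed sample input; it is only parsed, never executed.
SAMPLE = '''\
import hashlib, random, secrets, time, uuid
reset_token = hashlib.md5(str(time.time()).encode()).hexdigest()
token = "".join(random.choice("abcdef0123456789") for _ in range(32))
user.reset_token = str(uuid.uuid1())
reset_token_expires = time.time() + 3600
reset_token = secrets.token_urlsafe(32)
'''

def dotted_name(node):
    """Return 'a.b.c' for a Name/Attribute chain, or '' for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if not isinstance(node, ast.Name):
        return ""
    return ".".join(reversed(parts + [node.id]))

def is_token_target(node):
    """True for names like reset_token, but not reset_token_expires."""
    name = dotted_name(node).lower()
    return "token" in name and "expir" not in name

def find_weak_reset_tokens(source):
    """Return sorted (line, call) pairs where a token variable uses a weak source."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Assign) and any(map(is_token_target, node.targets))):
            continue
        for call in ast.walk(node.value):
            if isinstance(call, ast.Call):
                name = dotted_name(call.func)
                if name.split(".")[0] in WEAK_MODULES or name in WEAK_CALLS:
                    findings.append((node.lineno, name))
    return sorted(findings)

if __name__ == "__main__":
    for line, call in find_weak_reset_tokens(SAMPLE):
        print(f"line {line}: reset token derived from {call}()")
```

This sketch matches on call names only, so it also flags `random.SystemRandom` and misses `from random import choice`; a production rule needs import resolution.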