Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the '10.4: Random password widgets may not be random' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.4: Random password widgets may not be random
Authored by: rjcarr on Dec 07, '05 12:34:41AM

It seems everyone here is missing the point. Although Math.random() in javascript is not cryptographically secure, for all intents and purposes, it is adequate.

However, the problem here is specifically with Math.random() in widgets, not necessarily, and only related to, Math.random() when used with passwords.

It seems that, for some reason, Math.random() is seeded with the *same number* every single time a widget is placed, whereas it *should* be seeded with the current time (or some other infrequent number) instead.

Just wanted to clear up the root of the problem.



[ Reply to This | # ]