Skip to content

fix: use secrets module instead of random for secure password generation#1298

Closed
Ashvin-KS wants to merge 1 commit into
steam-bell-92:mainfrom
Ashvin-KS:fix/password-secrets-module
Closed

fix: use secrets module instead of random for secure password generation#1298
Ashvin-KS wants to merge 1 commit into
steam-bell-92:mainfrom
Ashvin-KS:fix/password-secrets-module

Conversation

@Ashvin-KS

@Ashvin-KS Ashvin-KS commented Jun 21, 2026

Copy link
Copy Markdown
Contributor

Summary

Replaces
andom.randint and
andom.choice with secrets.randbelow and secrets.choice to generate cryptographically secure random values.

Changes

  • games/Password-Forge/Password-Forge.py: Changed import random to import secrets
  • Replaced
    andom.randint(0, 9) with secrets.randbelow(10)
  • Replaced
    andom.randint(12, 24) with secrets.randbelow(13) + 12
  • Replaced
    andom.choice(...) with secrets.choice(...)

Why

The
andom module uses the Mersenne Twister PRNG, which produces predictable sequences. For password generation, we need cryptographically secure randomness provided by the secrets module.

Closes #1294

@Ashvin-KS
fix: use secrets module instead of random for secure password generation
0c08d8d 
Replaces random.randint and random.choice with secrets.randbelow and
secrets.choice to generate cryptographically secure random values.

Closes steam-bell-92#1294
@vercel

vercel Bot commented Jun 21, 2026

Copy link
Copy Markdown

@Ashvin-KS is attempting to deploy a commit to the Anuj's projects Team on Vercel.

A member of the Team first needs to authorize it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[BUG] Password generator uses weak random module instead of secrets module

2 participants

@Ashvin-KS @steam-bell-92