suspicious-non-cryptographic-random-usage (S311)#

Derived from the flake8-bandit linter.

What it does#

Checks for uses of cryptographically weak pseudo-random number generators.

Why is this bad?#

Cryptographically weak pseudo-random number generators are insecure, as they are easily predictable. This can allow an attacker to guess the generated numbers and compromise the security of the system.

Instead, use a cryptographically secure pseudo-random number generator (such as the secrets module) when generating random numbers for security purposes.

Example#

```python
import random

random.randrange(10)  # flagged: module-level PRNG used for a security-sensitive value
```

Use instead:

```python
import secrets

secrets.randbelow(10)  # drawn from the OS cryptographic randomness source
```
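An added example, not code from the Ruff project, that shows the two sides of this rule: a minimal S311-style check over Python source using the standard `ast` module, next to the `secrets`-based replacement and a short demonstration of why `random` is predictable. `WEAK_RANDOM_CALLS`, `find_weak_random`, `make_token`, `seeded_sequence` and the `SAMPLE` source are all constructed for this example; the real rule's list of flagged functions lives in Ruff.

```python
import ast
import random
import secrets

# Names of `random` module functions treated as weak for security use.
# Constructed for this example; Ruff maintains the authoritative list.
WEAK_RANDOM_CALLS = {
    "random", "randrange", "randint", "choice", "choices", "uniform",
    "triangular", "randbytes", "getrandbits", "sample", "shuffle",
}


def find_weak_random(source: str) -> list[tuple[int, str]]:
    """Return (line, qualified name) for each `random.<weak>(...)` call.

    Mirrors what the linter does: flag the call, not the import, since
    importing `random` for non-security purposes is perfectly fine.
    """
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
            base = node.func.value
            if isinstance(base, ast.Name) and base.id == "random" \
                    and node.func.attr in WEAK_RANDOM_CALLS:
                findings.append((node.lineno, f"random.{node.func.attr}"))
    return findings


def make_token(nbytes: int = 32) -> str:
    """Session/reset token from the OS CSPRNG: the replacement S311 asks for."""
    return secrets.token_urlsafe(nbytes)


def seeded_sequence(seed: int, n: int = 5) -> list[int]:
    """Mersenne Twister output is a pure function of its state, so anyone who
    learns or guesses that state reproduces every value; a CSPRNG gives no
    such handle."""
    rng = random.Random(seed)
    return [rng.randrange(100) for _ in range(n)]


# Constructed sample source: the flagged pattern beside its secure rewrite.
SAMPLE = '''
import random
import secrets
def weak_token():
    return "".join(random.choice("abc123") for _ in range(16))
def strong_token():
    return secrets.token_hex(16)
'''
```

Running `find_weak_random(SAMPLE)` reports only the `random.choice` call on line 5 of the sample; `secrets.token_hex` is not flagged.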