Insecure random number generation
Reports any uses of java.lang.Random
or java.lang.Math.random()
.
In secure environments, java.secure.SecureRandom
is a better choice, since is offers cryptographically secure random number generation.
Example:
long token = new Random().nextLong();
Locating this inspection
- By ID
Can be used to locate inspection in e.g. Qodana configuration files, where you can quickly enable or disable it, or adjust its settings.
UnsecureRandomNumberGeneration- Via Settings dialog
Path to the inspection settings via IntelliJ Platform IDE Settings dialog, when you need to adjust inspection settings directly from your IDE.
Availability
- By default bundled with
- Can be installed with plugin
Java, 241.18072
Last modified: 18 June 2024