Inspectopedia Help

Insecure random number generation

Reports any uses of java.lang.Random or java.lang.Math.random().

In secure environments, java.secure.SecureRandom is a better choice, since is offers cryptographically secure random number generation.

Example:

long token = new Random().nextLong();

Locating this inspection

By ID

Can be used to locate inspection in e.g. Qodana configuration files, where you can quickly enable or disable it, or adjust its settings.

UnsecureRandomNumberGeneration
Via Settings dialog

Path to the inspection settings via IntelliJ Platform IDE Settings dialog, when you need to adjust inspection settings directly from your IDE.

Settings or Preferences | Editor | Inspections | Java | Security

Availability

By default bundled with

IntelliJ IDEA 2024.1, Qodana for JVM 2024.1,

Can be installed with plugin

Java, 241.18072

Last modified: 18 June 2024
Design for extensionNon-final 'clone()' in secure context