Open
Description
Basing randomness on current time is very low entropy, at most 1000 unique values available per second, shared across all browsers in the world. Birthday paradox says 38 browsers loading the site in the same second have a 50% chance of at least one collision.
Can we please use WebCrypto.getRandomValues() for seeding the PRNG?
People generally assume two browsers fetching random values at the same time to get different values.
Metadata
Metadata
Assignees
Labels
No labels