diff options
Diffstat (limited to 'modules/user/user.module')
| -rw-r--r-- | modules/user/user.module | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/modules/user/user.module b/modules/user/user.module index 512420706..7227a1e74 100644 --- a/modules/user/user.module +++ b/modules/user/user.module @@ -717,10 +717,14 @@ function user_password($length = 10) { // Loop the number of times specified by $length. for ($i = 0; $i < $length; $i++) { + do { + // Find a secure random number within the range needed. + $index = ord(drupal_random_bytes(1)); + } while ($index > $len); // Each iteration, pick a random character from the // allowable string and append it to the password: - $pass .= $allowable_characters[mt_rand(0, $len)]; + $pass .= $allowable_characters[$index]; } return $pass; |