Insecure random number generation
Reports any uses of java.lang.Random
or java.lang.Math.random()
.
In secure environments, java.secure.SecureRandom
is a better choice, since is offers cryptographically secure random number generation.
Example:
long token = new Random().nextLong();
Locating this inspection
- By ID
Can be used to locate inspection in e.g. Qodana configuration files, where you can quickly enable or disable it, or adjust its settings.
UnsecureRandomNumberGeneration- Via Settings dialog
Path to the inspection settings via IntelliJ Platform IDE Settings dialog, when you need to adjust inspection settings directly from your IDE.
Inspection Details | |
---|---|
By default bundled with: | |
Can be installed with plugin: | Java, 243.23126 |
Last modified: 03 December 2024