http://www.perlmonks.org?node_id=1016729


in reply to Custom-length random/unique string generator

Use Bytes::Random::Secure. Seeding is superior, the CSPRNG is ISAAC, and its random_string_from function does exactly what you want, with very few dependencies.

use Bytes::Random::Secure qw( random_string_from ); my $string = random_string_from( join( '', ( 'a' .. 'z' ), ( 'A' .. 'Z' ), ( '0' .. '9' ) ), 56 ); print $string, "\n"; # Done; no md5 bias, no modulo bias, strong seeding, strong CSPRNG.

Update: I didn't have time to elaborate earlier. But the point here is that seeding correctly is hard. Generating strong pseudo-randomness is hard. But this is a problem that has been solved already (on CPAN), with a good deal of research, and collaboration. And to get well seeded, high quality random bytes, you need one module, which has exactly three non-core dependencies in its heritage, if you exclude what Test::Warn drags along with it. ...and it works portably across many platforms, and back through Perl 5.8. In some cases even 5.6.

As others have mentioned there are flaws in the seeding you're using. And an MD5 RNG is less than ideal.


Dave