Using a predictable seed in a pseudo-random number generator can lead to predictability of the numbers generated by it.
If the predictability of the pseudo-random number generator does not matter then consider using the faster
Random class from
java.util. If it is important that the pseudo-random number
generator produces completely unpredictable values then either let the generator securely seed itself by not
specifying a seed or specify a randomly generated, unpredictable seed.
In the first example shown here, a constant value is used as a seed. Depending on the implementation of
SecureRandom, this could lead to the same random number being generated each time the code is executed.
In the second example shown here, the system time is used as a seed. Depending on the implementation of
SecureRandom, if an attacker knows what time the code was run, they could predict the generated random
In the third example shown here, the random number generator is allowed to generate its own seed, which it will do in a secure way.