How to generate a secure random number in Python?
Secure random numbers are critical in various programming contexts, particularly in security-sensitive applications where randomness is essential for data confidentiality, integrity, and authenticity. Python programs need secure random numbers in several situations:
Cryptography: Cryptographic algorithms often rely on random numbers for generating encryption keys.
Password generation: Generating passwords from a secure random source makes them hard to crack.
Token generation: For web applications and user authentication, secure random tokens are used to create session tokens and password reset tokens.
Salting: Salts are random values combined with passwords before hashing to improve password storage security.
Randomized algorithms: Random numbers are used in some algorithms and protocols to introduce variability, randomness, or uncertainty.
Secure communication: For secure communication protocols such as TLS/SSL, random numbers generate cryptographic nonces and session keys, ensuring that each session is unique and encrypted data remains confidential.
Digital signatures: Cryptographic digital signatures require random numbers to create signatures and ensure the authenticity and integrity of messages.
Random selection: Random numbers are used in various applications such as unbiased random selection, shuffling, and data sampling.
In these scenarios, using a cryptographically secure random number generator is critical to avoiding potential vulnerabilities caused by predictable or non-random sources of randomness. Predictable random numbers can result in serious security breaches like unauthorized access, data leaks, or compromised encryption.
Generation of a secure random number
The secrets module in Python is specifically designed to provide a secure source of random numbers for these use cases, helping developers ensure the security and reliability of their applications. It provides three functions to generate a random number, as follows:
The randbelow() method of the secrets library generates a random integer in the range from 0 up to, but not including, the number passed as the parameter.
The choice() method of the secrets library returns a random item from the given sequence.
The randbits() method of the secrets library provides a random number of k bits. The value of k is passed as an argument.
Code example
Use the following code to generate a secure random number:
```python
import secrets, string

# Generate a random number between 0 and 99 (inclusive)
secure_random_number = secrets.randbelow(100)
print("Secure random number below 100: ", secure_random_number)

# Generate an OTP using the secure random number
OTP = ""
for i in range(4):
    OTP += secrets.choice(string.digits)
print("Secure OTP: ", OTP)

# Generate a secure number using random bits
number_using_bits = secrets.randbits(10)
print("Secure number using bits: ", number_using_bits)
```
Code explanation
Line 1: We import the necessary modules for generating a secure random number.
Line 4: We use the randbelow() method from the secrets library to generate a secure random number in the range of 0–99.
Line 10: We use the choice() method from the secrets library to pick a random item from a sequence. The digits constant from the string library supplies the characters for a one-time password (OTP).
Line 14: We use the randbits() method from the secrets library to generate a secure random number using k bits.
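The password, token, and salting use cases listed earlier, as an added example that is not part of the original answer. It goes beyond the three functions above and also uses token_urlsafe(), token_bytes(), and compare_digest() from the secrets module; the function names, the 16-character default, and the PBKDF2 round count are assumptions chosen for illustration.

```python
import hashlib
import random
import secrets
import string

ALPHABET = string.ascii_letters + string.digits + string.punctuation


def generate_password(length=16):
    """Draw each character with secrets.choice; retry until all classes appear."""
    if length < 4:
        raise ValueError("length must be at least 4 to fit all character classes")
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if (any(c.islower() for c in pw) and any(c.isupper() for c in pw)
                and any(c.isdigit() for c in pw)
                and any(c in string.punctuation for c in pw)):
            return pw


def new_reset_token():
    """Return (token sent to the user, SHA-256 digest to store server-side)."""
    token = secrets.token_urlsafe(32)  # 32 random bytes as URL-safe text
    return token, hashlib.sha256(token.encode()).hexdigest()


def verify_reset_token(presented, stored_digest):
    """Constant-time comparison, so timing does not reveal how much matched."""
    digest = hashlib.sha256(presented.encode()).hexdigest()
    return secrets.compare_digest(digest, stored_digest)


def hash_password(password, salt=None):
    """Salted PBKDF2-HMAC-SHA256 with a fresh 16-byte salt per password."""
    salt = salt if salt is not None else secrets.token_bytes(16)
    # 600_000 rounds is an assumed work factor; tune it for your hardware.
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)
    return salt, key


def seeded_otp(seed):
    """Counter-example: the random module replays its output from a known seed."""
    rng = random.Random(seed)
    return "".join(rng.choice(string.digits) for _ in range(4))


if __name__ == "__main__":
    token, digest = new_reset_token()
    print(generate_password(), verify_reset_token(token, digest))
    print(seeded_otp(1234) == seeded_otp(1234))  # same seed, same "OTP"
```

Storing only the digest of a reset token means a leaked database row cannot be replayed as a valid token.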