dhardy
commented
3 years ago Regarding the seeding and the use of non-crypto RNGs I think we're already fine. The only other things are the non-uniform char selection (maybe we mention this somewhere??) and the index bug.
We already make it pretty easy to generate passwords, possibly even more securely than the fixed KPM. Example: https://play.rust-lang.org/?version=stable&mode=debug&edition=2018&gist=7af982aa9bda9b782aaeadc697cec3f2
We could add Rng::gen_string(dist: D, len: usize) -> String maybe?
This blog post about the Kaspersky password manager is a nice example of what can go wrong when choosing and initializing an RNG. Maybe it's worth it to add it to the book as a reference? It's mentions a lot of pitfalls that Rand avoids.