Skip to content

Add security warning to System.Random documentation #11709

New issue
New issue
Open
Open
Add security warning to System.Random documentation#11709
Labels
area-System.SecurityIssues related to security practices for .NET developers.untriagedNew issue has not been triaged by the area owner
@sempf

Description

@sempf
sempf
opened on Aug 19, 2025

Type of issue

Missing information

Description

System.Random is not designed for cryptographic use, but that is not clearly noted on the core documentation page for the class, as referenced. I recommend adding a notification div near the top of the page noting this fact. Perhaps:

Security Notification
System.Random is not for cryptographic use. For cryptographically sound random numbers for used in seeds for key creation, as an example, please see System.Security.Cryptography.Random()

This is not unlike what was on Binary Formatter for years before Barry finally took it to pasture.

Page URL

https://learn.microsoft.com/en-us/dotnet/api/system.random?view=net-9.0

Content source URL

https://github.com/dotnet/dotnet-api-docs/blob/main/xml/System/Random.xml

Document Version Independent Id

ea32dd59-b49e-473d-c696-273ca85c30ef

Platform Id

50cb73a0-8e80-a3ce-60b1-757c81dbcee3

Article author

@dotnet-bot

Metadata

Metadata

Assignees

No one assigned

    Labels

    area-System.SecurityIssues related to security practices for .NET developers.untriagedNew issue has not been triaged by the area owner

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions