What's the true risk factor for the application at hand? If not a critical app, risk is low as the amount of work involved to "crack" is not worth the gain. If a critical app, then I'd suggest a more elaborate program.
Dave
"Walden H. Leverich" <WaldenL@xxxxxxxxxxxxxxx> 9/9/2008 11:06 >>>
making the resulting random number, random.
Well, not really. The problem with pseudo-random numbers isn't that they
start at the same point, but rather that the sequence of numbers, once
identified, it predictable. Sure, you've made it harder to predict the
sequence since you started at a "random" time, but I can still easily
crack that by running all possible times into the random number
generator until I find your sequence. There's nothing you can do to a
pseudo-random sequence to make it truly random.
Having said that, any pseudo-random sequence is probably more that
random enough for all but the most public of captcha sites.
If you want truly random bits check out
http://www.fourmilab.ch/hotbits/
or
http://www.random.org (
http://www.random.org/ ) My preference is the first just because it's
really twisted to be able to say my random numbers are atomically
powered. :-)
--
Walden H Leverich III
Tech Software
(516) 627-3800 x3051
WaldenL@xxxxxxxxxxxxxxx
http://www.TechSoftInc.com (
http://www.techsoftinc.com/ )
Quiquid latine dictum sit altum viditur.
(Whatever is said in Latin seems profound.)
As an Amazon Associate we earn from qualifying purchases.