6
kiki
216d

Unpopular opinion: given your server has enough entropy, UUID v4 is a good session token.
It allocates 122 bits for the randomly generated part. OWASP recommends session tokens to contain at least 64 bits of entropy while being at least 16 hexadecimal characters long.
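The 122-bit figure can be checked empirically; the following is an added example, not part of the original post. It samples `uuid.uuid4()` (which in CPython takes its bytes from `os.urandom`), finds the bit positions that never change, and compares what is left against the OWASP figures quoted above. The function names and the session and guess counts are assumptions chosen for illustration, and the probability bounds assume the tokens come from a properly seeded CSPRNG.

```python
import math
import uuid

OWASP_MIN_BITS = 64        # minimum entropy figure quoted in the post
OWASP_MIN_HEX_CHARS = 16   # minimum length figure quoted in the post


def new_session_token() -> str:
    """UUIDv4 as a 32-character hex string (dashes dropped)."""
    return uuid.uuid4().hex


def fixed_bit_mask(samples: int = 2000) -> int:
    """128-bit mask of the positions that never change across uuid4() calls."""
    first = uuid.uuid4().int
    varying = 0
    for _ in range(samples):
        varying |= first ^ uuid.uuid4().int
    return ~varying & ((1 << 128) - 1)


def random_bits() -> int:
    """Bits left to the random source once version and variant are fixed."""
    return 128 - bin(fixed_bit_mask()).count("1")


def guess_success_probability(active_sessions: int, guesses: int, bits: int = 122) -> float:
    """Upper bound on hitting any live token with a number of blind guesses."""
    return min(1.0, active_sessions * guesses / 2.0 ** bits)


def collision_probability(tokens_issued: int, bits: int = 122) -> float:
    """Birthday approximation: chance that two issued tokens are identical."""
    exponent = tokens_issued * (tokens_issued - 1) / 2.0 ** (bits + 1)
    return -math.expm1(-exponent)


if __name__ == "__main__":
    token = new_session_token()
    print("token:", token, "hex chars:", len(token))
    print("fixed bits mask: %032x" % fixed_bit_mask())
    print("random bits:", random_bits(), "OWASP minimum:", OWASP_MIN_BITS)
    print("P(guess) 1e6 sessions, 1e12 guesses:", guess_success_probability(10**6, 10**12))
    print("P(collision) 1e9 tokens:", collision_probability(10**9))
```

The six fixed bits are the 4-bit version field and the 2-bit variant field, which is where 128 - 6 = 122 comes from.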

Comments
  • 3
    The rant category is intentional
  • 0
    Depends on the session duration I guess
  • 1
    @jestdotty multiple sources, one of which is an unplugged audio jack and the noise it produces

    in completely isolated cloud servers where there is no mouse, no keyboard and no audio, entropy reading is indeed 0 sometimes

    there are also dedicated entropy generators that are plugged into pci-e. all they do is amplify random electric noise and read it
  • 1
    @retoor
    The number of unique combinations of a UUIDv4 (Universally Unique Identifier version 4) is extremely large. A UUIDv4 consists of 32 hexadecimal digits, giving a total of 16^32 possible combinations, which is roughly equal to 2^128 possible values. This is an astronomical number, far greater than the estimated number of sand grains on Earth.

    It is estimated that there are around 7.5 x 10^18 (7.5 quintillion) grains of sand on Earth. In comparison, the number of possible UUIDv4 combinations is 2^128, which is approximately 3.4 x 10^38. This means that the number of unique combinations of UUIDv4 is significantly larger than the number of sand grains in the world.
  • 0
    UUIDv4, despite not being guaranteed to be unique, has such a ridiculously big keyspace that for 99.999% of applications you can safely treat a well generated UUID as unique.

    After all, the probability of a collision, and thus someone stealing your session, is waaaaay less likely than you being struck by lightning, or an asteroid wiping us all out, which would render your shitty web session pointless anyway.
  • 0
    Also, last I checked, servers without physical sources of entropy could fall back to algorithms run on a concat of request bodies and timestamps to substitute /dev/urandom.

    While that certainly has more of an attack surface, it is still a decent source of entropy.
  • 0
    @CoreFusionX you can trust urandom. After all, if you can demonstrate an attack where urandom was the weakest link, you’ll be set for life.
  • 0
    @retoor
    /dev/urandom is a special file in Unix-like operating systems that provides a stream of pseudo-random data. It is commonly used as a source of random data for various cryptographic purposes or other applications that require randomness. The "urandom" name stands for "unlimited random" or "non-blocking random," indicating that it continuously generates random data without blocking, unlike /dev/random, which may block if the system's entropy pool is depleted. The data generated by /dev/urandom is not truly random but is considered secure for most purposes. The randomness in /dev/urandom is achieved through a combination of algorithms and system event inputs to generate the random data, making it suitable for a wide range of applications that require randomness.
  • 0
    @retoor
    /dev/random is considered to be more random than /dev/urandom because /dev/random generates cryptographically secure random numbers by blocking when there is not enough entropy available, while /dev/urandom does not block and may output pseudo-random numbers. It is always recommended to use /dev/random for more secure random number generation.
  • 1
    @retoor

    I know UUID is just a format, hence why I said "safely generated".

    @kiki

    urandom itself does fall back to known PRNG algorithms such as Mersenne when there's not enough entropy, but yeah, so long as entropy ain't a big fat 0, you should be set.