Skip to content


Passgen generates random sequences, and in order to do so, it needs access to secure, random data. By default, it will use whatever is the best source of randomness that is availalble on the system. For Linux, this means using the getrandom system call, and falling back to /dev/urandom, which are both the most secure source of randomness on the platform. On macOS that means using arc4random_buf to get random data, which is equally secure. Both of these methods will pool randomness from various sources, such as jitter, interrupt timings and the CPU's built-in randomness generator.

Other Sources

Using other sources of randomness is not recommended

Using alternative sources of randomness is not recommended, unless you know what you are doing. These are mainly implemented for testing purposes. The default system randomness generator produces the highest quality random data, better than any userspace PRNG. Do this only if you know what you are doing, for example if you have a hardware random number generator.

Passgen can also use other source of randomness if instructed. The command-line utility takes the --random RANDOM flag, which allows for specifying an alternate source of randomness. Some randomness sources take an argument.

Syntax Description
system Use the system random number generator (default).
file:/path/to/file Read randomness from the specified file. This can be used to read randomness from a different device, such as /dev/random, or a hardware randomness generator.
zero Does not return any random data, instead simply returns zeroes. Used only for testing.
xorshift:seed XorShift. Takes a non-zero number as seed. Produces very poor quality randomness.