Predictable Tokens
Brute-forcing reset tokens generated from a weak time value or seed.
Attack: Brute-force / Predict
If you know the algorithm and the time of generation, can you guess the next token?
Why is this vulnerable?
Many developers use Date.now() or Math.random() to generate 'secure' tokens. However, Math.random() is a PRNG that is not cryptographically secure, and Date.now() is easily guessed if the attacker knows roughly when you clicked 'Reset Password'.
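The Date.now() case above, next to a hardened generator and an audit check a defender can run over tokens their own service has issued. This is an added example, not this lab's code: the function names, the base-36 token format and the sample timestamps are assumptions made for illustration.

```javascript
// Added example: names and token format are assumptions, not the lab's code.
// Web Crypto is global in browsers and current Node; fall back for older Node.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto;

// WEAK (the pattern the page warns about): the token is a pure function of
// the clock, so it carries no secret at all.
function weakTokenFromTime(nowMs) {
  return nowMs.toString(36);
}

// HARDENED: 32 bytes (256 bits) from the platform CSPRNG, hex-encoded.
// Knowing the request time or earlier tokens does not narrow it down.
function secureToken(bytes = 32) {
  const buf = webcrypto.getRandomValues(new Uint8Array(bytes));
  return Array.from(buf, (b) => b.toString(16).padStart(2, '0')).join('');
}

// How many values a millisecond-clock token can take when the request time
// is known to within +/- windowMs.
function timeTokenCandidates(windowMs) {
  return 2 * windowMs + 1;
}

// The same number expressed as bits of uncertainty.
function guessBits(candidates) {
  return Math.log2(candidates);
}

// Audit check: does an issued token decode (base 36) to a timestamp within
// windowMs of the moment the server issued it? True means the generator is
// clock-derived and must be replaced.
function looksTimeDerived(token, issuedAtMs, windowMs = 5000) {
  const value = parseInt(token, 36);
  if (!Number.isSafeInteger(value)) return false;              // too large or NaN
  if (value.toString(36) !== token.toLowerCase()) return false; // partial parse
  return Math.abs(value - issuedAtMs) <= windowMs;
}

// Constructed sample: a reset issued at a made-up server time.
const sampleIssuedAt = 1700000000000;
const sampleWeak = weakTokenFromTime(sampleIssuedAt);
console.log('weak token:', sampleWeak,
  '| flagged:', looksTimeDerived(sampleWeak, sampleIssuedAt + 1200));
console.log('candidates in +/-5 s:', timeTokenCandidates(5000),
  '| bits:', guessBits(timeTokenCandidates(5000)).toFixed(1));
console.log('secure token:', secureToken());
```

A ±5 second window leaves about 13 bits of uncertainty, against 256 bits for the CSPRNG token; the secure token should also be single-use and expire quickly.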