The nature of random numbers generated by the random module is sufficient for statistical purposes. It uses the
Mersenne Twister pseudorandom number generator. It has a known uniform distribution and a long enough period length that it can be used in simulations, modeling, or numerical integration.
Mersenne Twister is a completely deterministic algorithm, as is the random module. This means that as a result of knowing its initial conditions (the seed number), you can generate the same pseudorandom numbers.
The secrets module relies on the best source of randomness that a given operating system provides. So, on Unix and Unix-like systems, that would be the /dev/urandom device, and on Windows, it will be the CryptGenRandom generator.
The three most important functions are:
• secrets.token_bytes(nbytes=None): This returns nbytes of random bytes.
This function is used internally by secrets.token_hex() and secrets.token_
urlsafe(). If nbytes is not specified, it will return a default number of bytes,
which is documented as "reasonable."
• secrets.token_hex(nbytes=None): This returns nbytes of random bytes
in the form of a hex-encoded string (not a bytes() object). As it takes two
hexadecimal digits to encode one byte, the resulting string will consist of
nbytes × 2 characters. If nbytes is not specified, it will return the same default
number of bytes as secrets.token_bytes().
• secrets.token_urlsafe(nbytes=None): This returns nbytes of random bytes
in the form of a URL-safe, base64-encoded string. As a single byte takes
approximately 1.3 characters in base64 encoding, the resulting string will
consist of nbytes × 1.3 characters. If nbytes is not specified, it will return the
same default number of bytes as secrets.token_bytes().
