On Linux systems,
/dev/urandom are typically the best sources of random numbers. System entropy is typically incorporated into these devices to add entropy to the generated output. The
/dev/random device is blocking, which means if the system does not contain enough entropy for it to generate the required number of bits, it will wait until enough system entropy is available (based on the general "busyness" of the system) to generate the number. The
/dev/urandom device will take whatever system entropy is available and generate the remaining number of bits via other pseudorandom means. The challenge is to write your own PHP function that uses one of these devices to generate our token. ...