How secure is the randomness of our spinning wheel? hero image

How secure is the randomness of our spinning wheel?

Oct 12, 2025

So, how secure is the randomness of Spin The Wheel Of Names? It is cryptographically secure and designed for generating random values suitable for tasks like session IDs, tokens, salts, and cryptographic keys. We use Crypto.getRandomValues() from Web Crypto API. It sources its entropy directly from the operating system’s cryptographically secure pseudorandom number generator (CSPRNG). The randomness is not predictable, even to someone who can observe outputs or system state. This API guarantees Browser isolation. That means that each execution context (tab, worker, etc.) has its own internal state and doesn’t leak randomness between sites or origins.

Verdict:

  • Crypto.getRandomValues() is secure for all cryptographic and security-sensitive purposes.
  • ⚠️ Just make sure to avoid biased transformations and use it in secure (HTTPS) contexts. We do.

So, rest assured - every time you spin the wheel, a fair random selection is the result.

Cheers,
Stan

---

Be careful not to use old spinning wheel websites that use the simpler Math.random() function (API). Here's why - Math.random() uses a pseudorandom number generator (PRNG). This means the numbers generated are not "truly" random but are derived from an initial "seed" value and a deterministic algorithm. If the seed or enough outputs are known, the sequence of future numbers can potentially be predicted. This may not be crucial for a few draws, yet, it's better to use a modern and secure website like this one.