diff --git a/htdocs/core/lib/security2.lib.php b/htdocs/core/lib/security2.lib.php
index 4d79b87122e..c526d57bee0 100644
--- a/htdocs/core/lib/security2.lib.php
+++ b/htdocs/core/lib/security2.lib.php
@@ -439,7 +439,7 @@ function encodedecode_dbpassconf($level=0)
 /**
 * Return a generated password using default module
 *
- * @param boolean $generic true=Create generic password (use md5, sha1 depending on setup), false=Use the configured password generation module
+ * @param boolean $generic true=Create generic password (32 chars/numbers), false=Use the configured password generation module
 * @return string New value for password
 */
 function getRandomPassword($generic=false)
@@ -447,7 +447,48 @@ function getRandomPassword($generic=false)
 global $db,$conf,$langs,$user;
 $generated_password='';
- if ($generic) $generated_password=dol_hash(mt_rand());
+ if ($generic)
+ {
+ $length = 32;
+ $lowercase = "qwertyuiopasdfghjklzxcvbnm";
+ $uppercase = "ASDFGHJKLZXCVBNMQWERTYUIOP";
+ $numbers = "1234567890";
+ $randomCode = "";
+ if (function_exists('random_int')) // Cryptographic random
+ {
+ $max = strlen($lowercase) - 1;
+ for ($x = 0; $x < abs($length/3); $x++) {
+ $randomCode .= $lowercase{random_int(0, $max)};
+ }
+ $max = strlen($uppercase) - 1;
+ for ($x = 0; $x < abs($length/3); $x++) {
+ $randomCode .= $uppercase{random_int(0, $max)};
+ }
+ $max = strlen($numbers) - 1;
+ for ($x = 0; $x < abs($length/3); $x++) {
+ $randomCode .= $numbers{random_int(0, $max)};
+ }
+
+ $generated_password=str_shuffle($randomCode);
+ }
+ else // Old platform, non cryptographic random
+ {
+ $max = strlen($lowercase) - 1;
+ for ($x = 0; $x < abs($length/3); $x++) {
+ $randomCode .= $lowercase{mt_rand(0, $max)};
+ }
+ $max = strlen($uppercase) - 1;
+ for ($x = 0; $x < abs($length/3); $x++) {
+ $randomCode .= $uppercase{mt_rand(0, $max)};
+ }
+ $max = strlen($numbers) - 1;
+ for ($x = 0; $x < abs($length/3); $x++) {
+ $randomCode .= $numbers{mt_rand(0, $max)};
+ }
+
+ $generated_password=str_shuffle($randomCode);
+ }
+ }
 else if (! empty($conf->global->USER_PASSWORD_GENERATED))
 {
 $nomclass="modGeneratePass".ucfirst($conf->global->USER_PASSWORD_GENERATED);
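Review bot: Both branches finish with `str_shuffle($randomCode)`, which orders the characters using PHP's non-cryptographic generator, and the `else` branch silently draws every character from `mt_rand()`, so without `random_int` the value is no less predictable than before. The loop bound `abs($length/3)` is 10.67, so each of the three loops runs 11 times and the result is 33 characters, not the 32 the updated docblock states. Drawing exactly `$length` characters from one combined alphabet in a single loop removes the shuffle, the off-by-one and the duplicated branches; it drops the equal-thirds composition, which nothing visible in the hunk appears to require. The `$lowercase{...}` offset syntax was deprecated in PHP 7.4 and removed in PHP 8, so `[...]` is the safer form. The rest of getRandomPassword lies outside the hunk, so how callers use the generic value should be confirmed before merging.

```php
if ($generic)
{
	$length = 32;
	$alphabet = "qwertyuiopasdfghjklzxcvbnmASDFGHJKLZXCVBNMQWERTYUIOP1234567890";
	$max = strlen($alphabet) - 1;
	// random_int() is the CSPRNG; mt_rand() remains only for platforms that lack it
	$hasCsprng = function_exists('random_int');
	for ($x = 0; $x < $length; $x++)
	{
		$generated_password .= $alphabet[$hasCsprng ? random_int(0, $max) : mt_rand(0, $max)];
	}
}
// … unchanged: else if (USER_PASSWORD_GENERATED) branch …
```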