NordVPN
SponsoredStrict no-logs VPN with 6,400+ servers in 111 countries. Threat Protection blocks ads, trackers, and malware while you work online.
Get NordVPN →Pick a min, max, and count to generate cryptographically secure random integers. Toggle 'unique' for sample-without-replacement (raffles, lotteries).
We use crypto.getRandomValues — the browser's cryptographically secure random source — instead of Math.random(). The CSPRNG output can't be predicted from prior values, which matters for lottery picks, gambling-adjacent applications, and any use where 'random' is a real requirement, not just 'arbitrary'.
We also use rejection sampling to make the distribution exactly uniform across the chosen range. Naive 'random % range' introduces bias when the range doesn't divide evenly into 2³². Rejection sampling discards values that would cause bias and tries again, so every number in your range has exactly the same probability.
Default mode: each number is independent — duplicates can occur. This is what 'random' usually means in casual use (rolling dice, picking a movie, randomized testing).
Unique mode: sample without replacement — once a number is picked, it can't be picked again in the same batch. Useful for: lottery picks (e.g., 6 numbers from 1-49), raffles (drawing winners), team assignments, and any 'pick N from M' situation. Requires count ≤ range.
Lottery / raffle: 6 unique numbers from 1-49, or whatever your draw uses. Toggle 'unique' on.
Dice rolls: range 1-6 (or 1-20 for D20). Leave 'unique' off so each roll is independent.
Random sampling for testing: pick 10 random user IDs from 1-10000 to spot-check. Use 'unique' to avoid duplicates.
Simulating coin flips: range 0-1, multiple results. Tally heads/tails for fairness checks (you'll see ~50/50 on large samples).
The randomness is cryptographically secure and unbiased. Whether it's legally 'fair' for an official lottery depends on your jurisdiction's rules — many require certified hardware RNGs.
Math.random() uses an algorithm whose output can be predicted from prior outputs by an attacker. crypto.getRandomValues uses an OS-level cryptographic RNG that can't be predicted. For real fairness, use this.
Yes. Set min to a negative value.
Limited by JavaScript's safe integer range (~2⁵³), but practically you can go to billions without trouble. The rejection-sampling technique handles any range correctly.
If you pick 10 unique numbers from 1-5, four don't exist. The validation catches this and asks you to widen the range or reduce the count.
Yes — set range to 1-6 (or whatever your dice are) and turn off 'unique' so each roll is independent.
No — secure random by design has no seed. If you need reproducible 'random' for testing, use a seeded PRNG library.
No. Generation is entirely local.
Strict no-logs VPN with 6,400+ servers in 111 countries. Threat Protection blocks ads, trackers, and malware while you work online.
Get NordVPN →Managed cloud hosting for WordPress and web apps on DigitalOcean, Vultr, and AWS. Fast setup, no server headaches.
Try Cloudways →