diff --git a/src/app.vue b/src/app.vue
index 5286ead..eecb07c 100644
--- a/src/app.vue
+++ b/src/app.vue
@@ -168,6 +168,9 @@
 import axios from 'axios'
 import AES from 'gibberish-aes/src/gibberish-aes'
 
+const passwordCharset = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
+const passwordLength = 20
+
 export default {
   name: 'App',
 
@@ -212,8 +215,9 @@ export default {
   methods: {
     // createSecret executes the secret creation after encrypting the secret
     createSecret() {
-      this.securePassword = Math.random().toString(36)
-        .substring(2)
+      this.securePassword = [...window.crypto.getRandomValues(new Uint8Array(passwordLength))]
+        .map(n => passwordCharset[n % passwordCharset.length])
+        .join('')
       const secret = AES.enc(this.secret, this.securePassword)
 
       axios.post('api/create', { secret })