From 8337d8f40978de6f9e33a1801321d34bcbf9c8bf Mon Sep 17 00:00:00 2001
From: Louis Nyffenegger <louis.nyffenegger@gmail.com>
Date: Mon, 17 Nov 2025 14:19:47 +1100
Subject: [PATCH] Use makeRandomPassword instead of makeRandomId

Since makeRandomPassword uses a cryptographically random generator and a larger keyspace, it is a better option than makeRandomId
---
 .../BrooklynUserWithRandomPasswordSecurityProvider.java         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/provider/BrooklynUserWithRandomPasswordSecurityProvider.java b/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/provider/BrooklynUserWithRandomPasswordSecurityProvider.java
index 3f3d8ec390..7fa85608af 100644
--- a/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/provider/BrooklynUserWithRandomPasswordSecurityProvider.java
+++ b/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/provider/BrooklynUserWithRandomPasswordSecurityProvider.java
@@ -38,7 +38,7 @@ public class BrooklynUserWithRandomPasswordSecurityProvider extends AbstractSecu
     private final String password;
 
     public BrooklynUserWithRandomPasswordSecurityProvider() {
-        this.password = Identifiers.makeRandomId(10);
+        this.password = Identifiers.makeRandomPassword(10);
         LOG.info("Allowing access to web console from localhost or with {}:{}", USER, password);
     }