/dev/urandom isn't actually cryptographically secure; it promises not
to block, even if it has insufficient entropy. But in your instance...
Correct. /dev/random is meant to be used for long-lasting
cryptographically-significant uses, such as keys. urandom is not.
http://en.wikipedia.org/wiki//dev/random
... it probably is fine, since password reset tokens don't need to be
as secure as encryption keys (if anyone _does_ figure out how to
predict your password resets, all they'll be able to do is lock people
out of their accounts one by one, not snoop on them all unbeknownst,
and you'll be able to see log entries showing the resets - you DO log
them, right?). In fact, you could probably get away with something
pretty trivial there, like a SHA1 of the current timestamp, the user
name, and the user's current password hash. The chances that anybody
would be able to exploit that are fairly low, given that you're not a
bank or other high-profile target.
If I were an identity thief, I would *love* low-profile targets. Even
though the payoff would be reduced, the cost would be reduced even more:
- they tend to be complacent, even more so than high-profile targets;
- they tend to be smaller, with fewer resources for security;
- mandatory disclosure laws tend not to apply to them;
- they don't tend to have the resources to look for anomalous usage
patterns, if they even cared enough to want to.
If there was a Facebook-like website that wasn't Facebook[1], but still
with multiple tens of thousands of users, I reckon a cracker who didn't
vandalise people's accounts could steal private data from it for *years*
before anyone noticed, and months or years more before they did
something about it.
[1] And very likely a Facebook-like website that *was* Facebook. I
reckon the odds are about 50:50 that FB would prefer to keep a breach
secret than risk the bad publicity by fixing it.