diff --git a/functions.inc.php b/functions.inc.php
index 3e647b84..a28af04a 100644
--- a/functions.inc.php
+++ b/functions.inc.php
@@ -108,7 +108,8 @@ function init_session($username, $is_admin = false)
 $_SESSION['sessid']['roles'] = array();
 $_SESSION['sessid']['roles'][] = $is_admin ? 'admin' : 'user';
 $_SESSION['sessid']['username'] = $username;
- $_SESSION['PFA_token'] = md5(uniqid("", true));
+
+ $_SESSION['PFA_token'] = md5(random_bytes(8) . uniqid('pfa', true));
 return $status;
 }
diff --git a/public/users/login.php b/public/users/login.php
index ccb77b31..439e376c 100644
--- a/public/users/login.php
+++ b/public/users/login.php
@@ -70,8 +70,7 @@ if ($error) {
 flash_error($error);
 }
-
-$_SESSION['PFA_token'] = md5(uniqid('pfa' . rand(), true));
+$_SESSION['PFA_token'] = md5(random_bytes(8) . uniqid('pfa', true));
 $smarty->assign('language_selector', language_selector(), false);
 $smarty->assign('smarty_template', 'login');
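Review bot: The new `PFA_token` line in init_session() gets all of its unpredictability from `random_bytes(8)`, i.e. 64 bits; the `uniqid('pfa', true)` suffix is derived from the clock and the `md5()` wrapper only reshapes the result, so neither adds secrecy. Assuming this is the anti-CSRF token, `$_SESSION['PFA_token'] = bin2hex(random_bytes(16));` gives 128 bits from the CSPRNG and keeps the 32-hex-character shape that `md5()` produced. The same expression is added in public/users/login.php and the same applies there. `random_bytes()` throws when no entropy source is available and needs PHP 7 or a polyfill; whether the project's minimum PHP version allows it is not visible in this diff. init_session() starts before the hunk, so how `$status` is set cannot be checked here.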
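Review bot: The token line added in public/users/login.php is a copy of the expression in init_session(), so the two call sites can drift apart the next time the generator changes. A single helper in functions.inc.php that both call would keep them in step; the name is only a suggestion: `function generate_session_token() { return bin2hex(random_bytes(16)); }`. A one-line comment above the assignment would also help, for example `// Fresh anti-CSRF token for the login form; replaced again by init_session() after a successful login.`, which should be checked against the code that follows the hunk.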