diff --git a/src/OpenWork/Provider/Client.php b/src/OpenWork/Provider/Client.php
index 2fe320321..c63b589b3 100644
--- a/src/OpenWork/Provider/Client.php
+++ b/src/OpenWork/Provider/Client.php
@@ -44,7 +44,7 @@ public function __construct(ServiceContainer $app)
     public function getLoginUrl(string $redirectUri = '', string $userType = 'admin', string $state = '')
     {
         $redirectUri || $redirectUri = $this->app->config['redirect_uri_single'];
-        $state || $state = rand();
+        $state || $state = random_bytes(64);
         $params = [
             'appid' => $this->app['config']['corp_id'],
             'redirect_uri' => $redirectUri,