Why such a token is considered to have a weak entropy?

Question

I am using the following code in my code to send a password reset token to a user.

$token = md5($user_id . time());

Why this is considered as a bad approach being cited as it has a weak entropy? The above code would generate a scary-looking 32 bit token that an attacker cannot decipher at all.

Suppose md5 reverse engineering is not possible (Although it is).

My question is why this is a bad approach? How do I say it has a weak entropy? Is there a way I can calculate its entropy?

Answer 1

How do I say it has a weak entropy?

Your function is deterministic: it produces same result for a given user id at a given time. So if both variables are known the entropy would be zero.

My question is why this is a bad approach?

So if I know a particular user id e.g. 123456 then all I need to do is:

• Initiate a password reset request and note down timestamp of the request e.g. 1726476087
• Brute force the password reset page with hashes generated for that user id and timestamp ± 5 seconds (to compensate for difference in two clocks):

$user_id = 123456;
$request_time = 1726476087;
for ($time = $request_time - 5; $time <= $request_time + 5; $time++) {
    $token = md5($user_id . $time);
    send_request("reset.php?token=" . $token);
}

The brute force approach could be also used for arbitrary user ids with some improvements e.g. calculate the exact different between the clocks and estimate the number of users in the system before hand.