diff --git a/.jules/sentinel.md b/.jules/sentinel.md
new file mode 100644
index 000000000..5ffc29d8e
--- /dev/null
+++ b/.jules/sentinel.md
@@ -0,0 +1,5 @@
+## 2024-05-24 - [Insecure Randomness for Identifiers]
+
+**Vulnerability:** Weak random number generation (`Random()`) used for IDs, secrets, tokens, or security-sensitive identifiers.
+**Learning:** `Random()` uses a linear congruential generator or similar PRNG algorithm that can be predicted with enough observations. Attackers can figure out the internal state and guess past or future IDs, leading to potential ID enumeration, session hijacking, or predicting sensitive values.
+**Prevention:** Use `Random.secure()` from `dart:math` for generating any ID, token, or security-critical random value.
diff --git a/lib/abgabe/abgabe_client_lib/lib/src/models/auto_id_generator.dart b/lib/abgabe/abgabe_client_lib/lib/src/models/auto_id_generator.dart
index 86c44fb09..21424ed99 100644
--- a/lib/abgabe/abgabe_client_lib/lib/src/models/auto_id_generator.dart
+++ b/lib/abgabe/abgabe_client_lib/lib/src/models/auto_id_generator.dart
@@ -16,7 +16,8 @@ class AutoIdGenerator {
 static const String alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
- static final Random _random = Random();
+ // Use Random.secure() to prevent predicting auto-generated IDs
+ static final Random _random = Random.secure();
 /// Automatically Generates a random new Id
 static String autoId() {
diff --git a/lib/common_domain_models/lib/src/ids/src/id.dart b/lib/common_domain_models/lib/src/ids/src/id.dart
index 022a684c5..89b9809de 100644
--- a/lib/common_domain_models/lib/src/ids/src/id.dart
+++ b/lib/common_domain_models/lib/src/ids/src/id.dart
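Review bot: `Random.secure()` is documented to throw `UnsupportedError` when the platform cannot provide a secure entropy source, and because `_random` is a lazily initialised `static final`, that failure would surface on the first `autoId()` call rather than at startup; the field should say so. The added `// Use Random.secure() ...` line would serve better as a `///` doc comment on the field, so the intent is visible in dartdoc and to readers of `autoId`, e.g. `/// Cryptographically secure source for [autoId]; throws [UnsupportedError] on first use if no secure entropy is available.` The body of `autoId` continues outside the hunk, so how it draws from `_random` cannot be checked here.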
@@ -19,9 +19,9 @@ class Id {
 }
 /// Generates a new random [Id] with the given [length] using characters
- /// from a-z, A-Z and 0-9.
+ /// from a-z, A-Z and 0-9. Uses [Random.secure] by default to prevent ID prediction.
 static Id generate({int length = 20, Random? random}) {
- random ??= Random();
+ random ??= Random.secure();
 const chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
 final id =
diff --git a/lib/sharezone_utils/lib/src/random_string/random_string.dart b/lib/sharezone_utils/lib/src/random_string/random_string.dart
index 2322868a4..272dfb14a 100644
--- a/lib/sharezone_utils/lib/src/random_string/random_string.dart
+++ b/lib/sharezone_utils/lib/src/random_string/random_string.dart
@@ -9,7 +9,8 @@ import 'dart:math';
 String randomString(int length) {
- var rand = Random();
+ // Use Random.secure() to prevent predictability of random strings
+ var rand = Random.secure();
 var codeUnits = List.generate(length, (index) {
 return rand.nextInt(33) + 89;
 });
@@ -18,7 +19,8 @@ String randomString(int length) {
 }
 String randomIDString(int length) {
- var rand = Random();
+ // Use Random.secure() to prevent predictability of generated IDs
+ var rand = Random.secure();
 const chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
 String result = "";
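Review bot: The new doc sentence on `generate` promises `Random.secure` "by default" but says nothing about the `random` parameter, which still lets any caller substitute a non-secure generator; the contract should make that trade-off explicit, e.g. `/// Passing [random] (for example a seeded generator in tests) opts out of that guarantee.` The changed `/// from a-z, A-Z and 0-9. Uses [Random.secure] ...` line also runs past 80 columns, so split the second sentence onto its own line to keep the file lint-clean. The body of `generate` continues outside the hunk after `final id =`.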
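Review bot: Both `randomString` and `randomIDString` now construct a fresh `Random.secure()` on every call, whereas `AutoIdGenerator` in the same commit caches one in a `static final`; for consistency a single library-level `final _secureRandom = Random.secure();` shared by both functions reads better, and whether per-call construction has any cost is platform-dependent and not something I can tell from here. Neither function has a `///` doc comment, and `randomString` in particular deserves one because `rand.nextInt(33) + 89` yields code units 89–121, i.e. `Y`, `Z`, the punctuation `[ \ ] ^ _ \`` and `a`–`y`, a set a caller must know about before placing the output in a path, URL or shell-adjacent context: `/// Returns [length] characters drawn securely from code units 89–121 (`Y`–`y`, including `[\]^_\``).` This point applies to the `randomIDString` hunk as well; both function bodies continue outside their hunks.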