Black Bytes
Share this post!

Random Numbers and Strings in Ruby

Randomness can make things more interesting in games or it can help make your sites more secure. In Ruby, there are multiple ways to generate random numbers with various properties. Let’s start by generating some Ruby random numbers using the rand method.

ruby random

Rand produces decimal numbers if called without any arguments, but most of the time you will want whole numbers. You can pass an argument to rand to tell it to generate a number starting from zero up to (but not including) our number.

As you can see, Ruby random number generation is really easy, but what if you need the number to be in a specific range instead of starting from zero? Not a problem, you can just use a range to get exactly what you need.


Better Ruby Random Numbers

The numbers produced by rand might be enough for a simple application, but if you want to use them for security purposes —like generating a password reset token— then you should use SecureRandom, which is part of the Ruby standard library.

SecureRandom seeds its generator from /dev/urandom on Unix systems and on windows it uses the CryptAcquireContext / CryptGenRandom API.

As you can see this works a lot like rand, you can also pass in a max number.

In addition, SecureRandom has other output formats available. Using .hex it can generate a hexadecimal fixed-width string.



Next, we may want to do a random pick from a list. You might be tempted to do this:

But Ruby has the sample method which is better suited (and faster) for this task:

We can also use sample for ranges, this code generates a random letter:

Ruby Random Strings

The ultimate randomness application is to generate a random string with a custom character set. Here is the code:

There are a few things going on here.

First, we prepare our charset using ranges and converting them to arrays. Then we take advantage of calling with a block, which lets us initialize an array of size n with the values produced by the block.

This code will produce strings of the following form: TufwGfXZskHlPcYrLNKg. You can tweak the character set to fit your needs.


That’s it! You are now ready to start using randomness in your Ruby programs 🙂

Found this post useful? Share it with your friends & subscribe to my newsletter so you don’t miss anything new!

Maik Schmidt says last year

Thank you very much for this interesting article! Please, do not forget that there are ways to get real random numbers. I wrote a gem ( for this purpose some years ago and it provides easy access to three online sources of true random numbers. You can find its documentation on Github (


Serguei Cambour (@belgoros) says last year

Nice article ! Thank you very much for sharing!

Matthew Berg says last year

You can pass an argument to sample for the number of elements you want back, so you can simplify this: { charset.sample }.join



You can also splat ranges, so you could create one array instead of two; e.g.

charset = [*"a".."z", *"A".."Z"]

Assuming that method is going to be called more than once, it would make sense to define it once as a constant (or possibly class variable) outside of the routine, rather than generating it each call, so more like:

CHARSET = [*"a".."z", *"A".."Z"]
def generate_code(number); CHARSET.sample(number).join

    Jesus Castello says last year

    Thank you, I didn’t know that you can pass an argument to sample. And I agree that you should only generate the charset once if you are going to use the method multiple times, but I didn’t want to make the code more complex for the examples.

      srcv says last year

      This is not true actually. sample with arguments generates sample without repetitions, so it’s totally different from the original code!

        Jesus Castello says last year

        You are right! Thanks for letting us know 🙂

        For reference, this is what the documentation has to say about sample:

        The elements are chosen by using random and unique indices into the array in order to ensure that an element doesn’t repeat itself unless the array already contained duplicate elements.

        In fact, if you do this:
        charset = [*'a'..'z', *'A'..'Z'].sample(100).join.size

        You only get 52 (one for each in the character set), which might not be what you want.

    Dewayne VanHoozer (@MadBomber) says last year

    One of the many things I like about Ruby is how it seems every day I get a chance to learn something new about the language. I had never seen that splat do on a range before.

    The other thing I learned today is that coping code that has smart quotes in it gets a syntax error.

Panagiotis Atmatzidis says last year

o = [('a'..'z'), ('A'..'Z')].map { |i| i.to_a }.flatten
string = (0...50).map { o[rand(o.length)] }.join

From Stack Overflow works fine.

I used a variant in one of my scripts works awesomely well and it’s fast. That said, it’s way better to write code you and others can understand on the fly in production mode, than smart-ass long snippets copy-pasted from SO.

I think creating a method (like a black box) is the way to go.

Comments are closed