diff --git a/Changelog b/Changelog
index b09cc03..cd88955 100644
--- a/Changelog
+++ b/Changelog
@@ -1,5 +1,7 @@
 [Changes 1.2c01]
 
+* Strengthen the cookie generation algorithm for /detach. (caf)
+
 * RANDOM_SOURCE now only affects the rand() scripting function. (caf)
 
 * Make RANDOM_LOCAL_PORTS actually random. (caf)
diff --git a/source/commands2.c b/source/commands2.c
index 3c01975..f97c1ac 100644
--- a/source/commands2.c
+++ b/source/commands2.c
@@ -2559,13 +2559,16 @@ void kill_attached_if_needed(int type)
 
 void make_cookie(void)
 {
-int i, j;
- memset(connect_cookie, 0, sizeof(connect_cookie));
- for (i = 0; i < (int) (20.0 * rand()/RAND_MAX) + 5; i++)
- {
- j = (int)(95.0 * rand()/RAND_MAX);
- connect_cookie[i] = j + 32;
- }
+ unsigned char rand_bytes[21];
+ int i;
+ char *cookie;
+
+ for (i = 0; i < sizeof rand_bytes; i++)
+ rand_bytes[i] = random_number(0);
+
+ cookie = base64_encode(rand_bytes, sizeof rand_bytes);
+ strlcpy(connect_cookie, cookie, sizeof connect_cookie);
+ new_free(&cookie);
 }
 
 static int create_ipc_socket(void)
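Review bot: The cookie's strength in `make_cookie` now rests on two things this hunk does not show: that `random_number(0)` draws from a cryptographically strong source, and that `connect_cookie` holds at least 29 bytes, since 21 bytes encode to 28 characters plus the terminator (assuming `base64_encode` is standard base64). `strlcpy` truncates silently, so a smaller buffer would quietly shorten the secret; testing the result with `if (strlcpy(connect_cookie, cookie, sizeof connect_cookie) >= sizeof connect_cookie)` and taking an error path, or a compile-time size assertion beside the declaration, would make that visible. A comment above the loop such as `/* 21 random bytes -> 28 base64 chars; random_number(0) must be the strong generator */` would record the intent for the next reader. The loop also compares `int i` against a `size_t`; declaring it as `size_t i;` avoids the sign-compare warning.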