diff --git a/addons/auth_crypt/auth_crypt.py b/addons/auth_crypt/auth_crypt.py
index eb57c8aa063..30c953e5780 100644
--- a/addons/auth_crypt/auth_crypt.py
+++ b/addons/auth_crypt/auth_crypt.py
@@ -5,7 +5,8 @@ from passlib.context import CryptContext
 import openerp
 from openerp.osv import fields, osv
 
-openerp.addons.base.res.res_users.USER_PRIVATE_FIELDS.append('password_crypt')
+from openerp.addons.base.res import res_users
+res_users.USER_PRIVATE_FIELDS.append('password_crypt')
 
 _logger = logging.getLogger(__name__)
 
diff --git a/addons/auth_signup/res_users.py b/addons/auth_signup/res_users.py
index 4b972b5ec20..b49e5d90e9a 100644
--- a/addons/auth_signup/res_users.py
+++ b/addons/auth_signup/res_users.py
@@ -35,7 +35,7 @@ class SignupError(Exception):
 def random_token():
     # the token has an entropy of about 120 bits (6 bits/char * 20 chars)
     chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'
-    return ''.join(random.choice(chars) for i in xrange(20))
+    return ''.join(random.SystemRandom().choice(chars) for i in xrange(20))
 
 def now(**kwargs):
     dt = datetime.now() + timedelta(**kwargs)
diff --git a/addons/pad/pad.py b/addons/pad/pad.py
index 3c929366a59..4bc1b7c1dd5 100644
--- a/addons/pad/pad.py
+++ b/addons/pad/pad.py
@@ -35,7 +35,7 @@ class pad_common(osv.osv_memory):
         pad["server"] = pad["server"].rstrip('/')
         # generate a salt
         s = string.ascii_uppercase + string.digits
-        salt = ''.join([s[random.randint(0, len(s) - 1)] for i in range(10)])
+        salt = ''.join([s[random.SystemRandom().randint(0, len(s) - 1)] for i in range(10)])
         #path
         # etherpad hardcodes pad id length limit to 50
         path = '-%s-%s' % (self._name, salt)
diff --git a/addons/share/wizard/share_wizard.py b/addons/share/wizard/share_wizard.py
index 68db8a8c8cf..8318ec1ba89 100644
--- a/addons/share/wizard/share_wizard.py
+++ b/addons/share/wizard/share_wizard.py
@@ -47,7 +47,7 @@ DOMAIN_ALL = [(1, '=', 1)]
 # A good selection of easy to read password characters (e.g. no '0' vs 'O', etc.)
 RANDOM_PASS_CHARACTERS = 'aaaabcdeeeefghjkmnpqrstuvwxyzAAAABCDEEEEFGHJKLMNPQRSTUVWXYZ23456789'
 def generate_random_pass():
-    return ''.join(random.sample(RANDOM_PASS_CHARACTERS,10))
+    return ''.join(random.SystemRandom().sample(RANDOM_PASS_CHARACTERS,10))
 
 class share_wizard(osv.TransientModel):
     _name = 'share.wizard'