diff --git a/Cargo.toml b/Cargo.toml
index 8fdde1324..1d65c2c8f 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -18,7 +18,7 @@ description = "A library for managing temporary files and directories."
 
 [dependencies]
 cfg-if = "1"
-rand = "0.8"
+rand = { version = "0.8", features = ["small_rng", "getrandom"], default_features = false }
 remove_dir_all = "0.5"
 
 [target.'cfg(unix)'.dependencies]
diff --git a/src/util.rs b/src/util.rs
index aa76bb256..451852b4b 100644
--- a/src/util.rs
+++ b/src/util.rs
@@ -1,8 +1,9 @@
 use rand::distributions::Alphanumeric;
-use rand::{self, Rng};
+use rand::{Rng, SeedableRng};
+use rand::rngs::SmallRng;
 use std::ffi::{OsStr, OsString};
 use std::path::{Path, PathBuf};
-use std::{io, str};
+use std::io;
 
 use crate::error::IoResultExt;
 
@@ -10,15 +11,12 @@ fn tmpname(prefix: &OsStr, suffix: &OsStr, rand_len: usize) -> OsString {
     let mut buf = OsString::with_capacity(prefix.len() + suffix.len() + rand_len);
     buf.push(prefix);
 
-    // Push each character in one-by-one. Unfortunately, this is the only
-    // safe(ish) simple way to do this without allocating a temporary
-    // String/Vec.
-    unsafe {
-        rand::thread_rng()
-            .sample_iter(&Alphanumeric)
-            .take(rand_len)
-            .for_each(|b| buf.push(str::from_utf8_unchecked(&[b as u8])))
-    }
+    let small_rng = SmallRng::from_entropy();
+    buf.push(small_rng
+        .sample_iter(&Alphanumeric)
+        .take(rand_len)
+        .collect::<String>()
+    );
     buf.push(suffix);
     buf
 }