diff --git a/invites/invites.go b/invites/invites.go
index 2706afb..d342374 100644
--- a/invites/invites.go
+++ b/invites/invites.go
@@ -1,10 +1,11 @@
 package invites
 
 import (
+	"crypto/rand"
 	"database/sql"
 	"encoding/base64"
 	"errors"
-	"math/rand"
+	"math/big"
 	"strings"
 	"time"
 
@@ -53,7 +54,6 @@ func ConnectDB() (*sql.DB, error) {
 }
 
 func generateCode(email string) string {
-	rand.Seed(time.Now().Unix())
 
 	charset := "abcdefghijklmnopqrztuvwxyz"
 	charset += strings.ToUpper(charset)
@@ -62,8 +62,14 @@ func generateCode(email string) string {
 
 	code := []byte{}
 
+	max := big.NewInt(int64(len(charset)))
 	for len(code) < codeLen {
-		code = append(code, charset[rand.Intn(len(charset))])
+		ix, err := rand.Int(rand.Reader, max)
+		if err != nil {
+			// TODO this is bad but I'm just kind of hoping it doesn't happen...often
+			panic(err)
+		}
+		code = append(code, charset[ix.Int64()])
 	}
 
 	code = append(code, ' ')