diff --git a/poi/src/main/java/org/apache/poi/util/RandomSingleton.java b/poi/src/main/java/org/apache/poi/util/RandomSingleton.java
new file mode 100644
index 0000000000..b6b9f59ba8
--- /dev/null
+++ b/poi/src/main/java/org/apache/poi/util/RandomSingleton.java
@@ -0,0 +1,19 @@
+package org.apache.poi.util;
+
+import java.security.SecureRandom;
+
+/*
+If it is important that the generated Random numbers not be guessable,
+you MUST NOT create a new Random for each random number; the values are too easily guessable.
+
+You should strongly consider using a java.security.SecureRandom instead
+(and avoid allocating a new SecureRandom for each random number needed).
+*/
+
+public class RandomSingleton {
+    private static final SecureRandom INSTANCE = new SecureRandom();
+
+    public static SecureRandom getInstance() {
+        return INSTANCE;
+    }
+}