diff --git a/scripts/zmupdate.pl.in b/scripts/zmupdate.pl.in
index ba8f02f9e..86f416928 100644
--- a/scripts/zmupdate.pl.in
+++ b/scripts/zmupdate.pl.in
@@ -1041,7 +1041,18 @@ sub patchDB {
 
 sub migratePasswords {
   use Crypt::Eksblowfish::Bcrypt;
-  use Data::Entropy::Algorithms qw(rand_bits);
+  my $random;
+  eval {
+    require Bytes::Random::Secure;
+    $random = Bytes::Random::Secure->new( Bits        => 16*8);
+  };
+  if ($@ or !$random) {
+    eval {
+      require Data::Entropy::Algorithms;
+      $random =Data::Entropy::Algorithms::rand_bits(16*8);
+    };
+  }
+
   print("Migratings passwords, if any...\n");
   my $sql = 'SELECT * FROM `Users`';
   my $sth = $dbh->prepare_cached($sql) or die( "Can't prepare '$sql': ".$dbh->errstr() );
@@ -1050,7 +1061,7 @@ sub migratePasswords {
     my $scheme = substr($user->{Password}, 0, 1);
     if ($scheme eq '*') {
       print('-->'.$user->{Username}." password will be migrated\n");
-      my $salt = Crypt::Eksblowfish::Bcrypt::en_base64(rand_bits(16*8));
+      my $salt = Crypt::Eksblowfish::Bcrypt::en_base64($random);
       my $settings = '$2a$10$'.$salt;
       my $pass_hash = Crypt::Eksblowfish::Bcrypt::bcrypt($user->{Password},$settings);
       my $new_pass_hash = '-ZM-'.$pass_hash;