Open your IDE and do a search for "md5(" and "rand(".
There is a very good chance you'll have either (or both) hiding somewhere, serving some purpose that's supposed to be secure, but really isn't! 😱
https://securinglaravel.com/p/security-tip-cryptographically-secure#Laravel#PHP