diff --git a/index.js b/index.js
index d41b2378..1b56d3bd 100644
--- a/index.js
+++ b/index.js
@@ -21,7 +21,6 @@ var deprecate = require('depd')('express-session');
 var onHeaders = require('on-headers')
 var parseUrl = require('parseurl');
 var signature = require('cookie-signature')
-var uid = require('uid-safe').sync
 
 var Cookie = require('./session/cookie')
 var MemoryStore = require('./session/memory')
@@ -524,7 +523,12 @@ function session(options) {
  */
 
 function generateSessionId(sess) {
-  return uid(24);
+  return crypto
+    .randomBytes(24)
+    .toString("base64")
+    .replace(/\+/g, "-")
+    .replace(/\//g, "_")
+    .replace(/=+$/, "")
 }
 
 /**
diff --git a/package.json b/package.json
index 3bc6ac59..b9f88282 100644
--- a/package.json
+++ b/package.json
@@ -20,8 +20,7 @@
     "depd": "~2.0.0",
     "on-headers": "~1.1.0",
     "parseurl": "~1.3.3",
-    "safe-buffer": "5.2.1",
-    "uid-safe": "~2.1.5"
+    "safe-buffer": "5.2.1"
   },
   "devDependencies": {
     "after": "0.8.2",