Security is one concern -- but sensitive data should probably not be stored in world-accessible temporary files. Another concern is speed: if there's already 500 temporary files named temp0000..0499, which your application doesn't know anything about, it takes 501 attempts (corresponcing to 501 file system access calls) to create a new temporary file, whereas with (pseudo-)randomized names, one single attempt is usually enough!