Does this small piece of code seem ok?

Also I believe narf's solution is based on generating a truly random number, so it's more the algorithm used that is significant rather than anything else. I'm assuming rand_alnum doesn't make use of php's openssl function thingy which bin2hex does.

Just a little correction - bin2hex() just encodes binary data into hexadecimal strings, it's CI_Security::get_random_bytes() that provides the randomness.

Also, the randomness itself is not the result of an algorithm (the uniqueness is).