XOR encryption with a one-time random pad is 100% secure (uncrackable) as long as two conditions are met:

- the random pad is unpredictable, i.e. sufficiently random (ideally, truly random); and
- the pad is at least the length of the data being encrypted (meaning there will be no repeats).

We could argue over whether your random data is random enough, but from a quick look it's pseudo-random based on the current time-stamp; so, given that you've provided a working program, the random data is as predictable as the time-stamp.

On the second point, you're still producing a repeating pattern (a longer one, but still repeating.)

As a simple example, if we use a key of length 5 for the first pass, and length 7 for the second pass, the end result is identical to XORing with a single repeating key of length 35 (an XOR of the 5-key and 7-key until they line up; note this doesn't always multiply - keys of lengths 5 and 10 only produce an effective key of length 10.)

As you add more passes, you can increase the effective length of the key used, but it's always going to repeat eventually; so there really is no difference to XORing once with a random key of the same effective length. The only appropriate length is: not less than the length of the data you're encrypting. Also, don't re-use the pad to encrypt anything else, as that's a repeat.

There are standard ways to extract the effective key length used, and after that it's purely a matter of using minimal knowledge of the encrypted data's format to extract parts of the key, which becomes increasingly easy with the number of repeats; so the only safe number of repeats is 0.