How to hash and compare passwords in Go

The best to hash passwords in Go is using golang.org/x/crypto/bcrypt:

func HashPassword(password string) (string, error) {
    bytes, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
    return string(bytes), err
}
  
func CheckPasswordHash(password, hash string) bool {
    err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
    return err == nil
}

You should use the default bcrypt.DefaultCost just in case that the current value will become not sufficient and the default cost will increase.

Buy me a coffeeBuy me a coffee
Tags: #go #bcrypt #security

See Also