How to Hash Passwords in Go with bcrypt

Use the golang.org/x/crypto/bcrypt package to hash passwords securely with a single function call.

package main

import (
	"fmt"
	"golang.org/x/crypto/bcrypt"
)

func main() {
	password := []byte("mySecretPassword")

	// Hash the password
	hashedPassword, err := bcrypt.GenerateFromPassword(password, bcrypt.DefaultCost)
	if err != nil {
		panic(err)
	}
	fmt.Println("Hash:", string(hashedPassword))

	// Verify the password
	err = bcrypt.CompareHashAndPassword(hashedPassword, password)
	if err != nil {
		fmt.Println("Password mismatch")
	} else {
		fmt.Println("Password matches")
	}
}

Install the dependency first:

go get golang.org/x/crypto/bcrypt

Hashing passwords in Go with bcrypt turns a plain text password into a scrambled string that cannot be reversed. It is like putting a password into a one-way shredder; you can check if a new piece of paper matches the shredded bits, but you can never reconstruct the original text from the shreds. You use this to store passwords safely so that even if your database is stolen, the actual passwords remain secret.