How to Use Bcrypt for Password Hashing in Go

Use the golang.org/x/crypto/bcrypt package to hash passwords with bcrypt.GenerateFromPassword and verify them with bcrypt.CompareHashAndPassword. This approach is secure, handles salting automatically, and is the standard for Go applications.

package main

import (
	"fmt"
	"golang.org/x/crypto/bcrypt"
)

func main() {
	// Hash a password
	password := []byte("mySecretPassword")
	hash, err := bcrypt.GenerateFromPassword(password, bcrypt.DefaultCost)
	if err != nil {
		panic(err)
	}

	// Verify the password
	err = bcrypt.CompareHashAndPassword(hash, password)
	if err != nil {
		fmt.Println("Password does not match")
	} else {
		fmt.Println("Password matches")
	}
}

Bcrypt is a tool that turns a plain password into a scrambled string that cannot be reversed. You save this scrambled string in your database instead of the real password. When a user logs in, you scramble their input again and check if it matches the saved string, ensuring hackers can't steal passwords even if they get your database.