From aa23a5e616d89d76aaf382947131a00739728bc1 Mon Sep 17 00:00:00 2001
From: n-bruno <BrunsCandleWhick@gmail.com>
Date: Fri, 10 Oct 2025 19:36:45 -0400
Subject: [PATCH] Update bcrypt.go

Upgrade Bcrypt DefaultCost from 10 to 12 to match PHP's bcrypt library. See PHP's RFC for research: https://wiki.php.net/rfc/bcrypt_cost_2023
---
 bcrypt/bcrypt.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bcrypt/bcrypt.go b/bcrypt/bcrypt.go
index 3e7f8df871..cb4708ba94 100644
--- a/bcrypt/bcrypt.go
+++ b/bcrypt/bcrypt.go
@@ -21,7 +21,7 @@ import (
 const (
 	MinCost     int = 4  // the minimum allowable cost as passed in to GenerateFromPassword
 	MaxCost     int = 31 // the maximum allowable cost as passed in to GenerateFromPassword
-	DefaultCost int = 10 // the cost that will actually be set if a cost below MinCost is passed into GenerateFromPassword
+	DefaultCost int = 12 // the cost that will actually be set if a cost below MinCost is passed into GenerateFromPassword
 )
 
 // The error returned from CompareHashAndPassword when a password and hash do