Use a strong bcrypt cost factor | Critiq Docs

#Metadata

Rule ID: go.security.weak-bcrypt-cost
Severity: high
Confidence: 0.9
Languages: go
Presets: security, strict
Stability: experimental
Applies to: block
Tags: cryptography, go, passwords, rules-catalog, security

#Why it matters

Low bcrypt costs make password hashes cheap to crack offline and undermine credential storage protections.

#Remediation

Pass `bcrypt.DefaultCost` (or a higher value tuned to your performance budget) instead of a literal cost less than 10.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/go/go.security.weak-bcrypt-cost.rule.yaml.

Back to directory Open rule in repository