diff --git a/package.json b/package.json
index f51d5bcdc..064bf0f2a 100644
--- a/package.json
+++ b/package.json
@@ -83,7 +83,7 @@
         "xml2js": "0.6.2"
     },
     "optionalDependencies": {
-        "bcrypt": "5.1.1"
+        "@node-rs/bcrypt": "1.10.4"
     },
     "devDependencies": {
         "dompurify": "2.4.1",
diff --git a/packages/node_modules/@node-red/editor-api/lib/auth/users.js b/packages/node_modules/@node-red/editor-api/lib/auth/users.js
index a3ffab5a8..9b0b316ec 100644
--- a/packages/node_modules/@node-red/editor-api/lib/auth/users.js
+++ b/packages/node_modules/@node-red/editor-api/lib/auth/users.js
@@ -17,7 +17,7 @@
 var util = require("util");
 var clone = require("clone");
 var bcrypt;
-try { bcrypt = require('bcrypt'); }
+try { bcrypt = require('@node-rs/bcrypt'); }
 catch(e) { bcrypt = require('bcryptjs'); }
 var users = {};
 var defaultUser = null;
diff --git a/packages/node_modules/@node-red/editor-api/package.json b/packages/node_modules/@node-red/editor-api/package.json
index b022665fb..3397d840b 100644
--- a/packages/node_modules/@node-red/editor-api/package.json
+++ b/packages/node_modules/@node-red/editor-api/package.json
@@ -35,6 +35,6 @@
         "ws": "7.5.6"
     },
     "optionalDependencies": {
-        "bcrypt": "5.1.1"
+        "@node-rs/bcrypt": "1.10.4"
     }
 }
diff --git a/packages/node_modules/node-red/package.json b/packages/node_modules/node-red/package.json
index a3f24f137..4d0f8e519 100644
--- a/packages/node_modules/node-red/package.json
+++ b/packages/node_modules/node-red/package.json
@@ -44,7 +44,7 @@
         "semver": "7.5.4"
     },
     "optionalDependencies": {
-        "bcrypt": "5.1.1"
+        "@node-rs/bcrypt": "1.10.4"
     },
     "engines": {
         "node": ">=18.5"
diff --git a/packages/node_modules/node-red/red.js b/packages/node_modules/node-red/red.js
index 2d5cb5bc3..b97806ca8 100755
--- a/packages/node_modules/node-red/red.js
+++ b/packages/node_modules/node-red/red.js
@@ -38,7 +38,7 @@ var https = require('https');
 var util = require("util");
 var express = require("express");
 var crypto = require("crypto");
-try { bcrypt = require('bcrypt'); }
+try { bcrypt = require('@node-rs/bcrypt'); }
 catch(e) { bcrypt = require('bcryptjs'); }
 var nopt = require("nopt");
 var path = require("path");
diff --git a/scripts/verify-package-dependencies.js b/scripts/verify-package-dependencies.js
index 9989d301b..7b462f830 100644
--- a/scripts/verify-package-dependencies.js
+++ b/scripts/verify-package-dependencies.js
@@ -5,7 +5,6 @@ const fs = require("fs-extra");
 const should = require("should");
 
 const rootPackage = require(path.join("..","package.json"));
-const rootDependencies = rootPackage.dependencies;
 const packages = [
     "node-red",
     "@node-red/editor-api",
@@ -18,21 +17,23 @@ const packages = [
 
 const fixFlag = process.argv[2] === '--fix';
 
-function verifyDependencies() {
+async function verifyDependencies(depType = 'dependencies') {
+    const rootDependencies = rootPackage[depType];
+
     let failures = [];
     let packageUpdates = {};
     packages.forEach(package => {
         let modulePackage = require(path.join("../packages/node_modules",package,"package.json"));
-        let dependencies = Object.keys(modulePackage.dependencies||{});
+        let dependencies = Object.keys(modulePackage[depType]||{});
         dependencies.forEach(module => {
             try {
                 if (!/^@node-red\//.test(module)) {
-                    should.exist(rootDependencies[module],`[${package}] '${module}' missing from root package.json`);
+                    should.exist(rootDependencies[module],`[${package}] '${module}' missing from root package.json ${depType}`);
                     try {
-                        rootDependencies[module].should.eql(modulePackage.dependencies[module],`[${package}] '${module}' version mismatch. Expected '${modulePackage.dependencies[module]}' (got '${rootDependencies[module]}') `);
+                        rootDependencies[module].should.eql(modulePackage[depType][module],`[${package}] '${module}' version mismatch. Expected '${modulePackage.dependencies[module]}' (got '${rootDependencies[module]}') in ${depType} `);
                     } catch(err) {
                         if (fixFlag) {
-                            modulePackage.dependencies[module] = rootDependencies[module];
+                            modulePackage[depType][module] = rootDependencies[module];
                             packageUpdates[package] = modulePackage;
                         } else {
                             failures.push(err.toString());
@@ -56,12 +57,17 @@ function verifyDependencies() {
             process.exit(1);
         })
     } else {
-        return Promise.resolve(failures);
+        return failures;
     }
 }
 
 if (require.main === module) {
-    verifyDependencies().then(failures => {
+    let failures = []
+    verifyDependencies('dependencies').then(depFailures => {
+        failures = failures.concat(depFailures)
+        return verifyDependencies('optionalDependencies')
+    }).then(optDepFailures => {
+        failures = failures.concat(optDepFailures)
         if (failures.length > 0) {
             failures.forEach(f => console.log(` - ${f}`));
             console.log("Run with --fix option to fix up versions")