@pkyeck
Last active August 29, 2015 13:56
Storing and retrieving secure passwords
var crypto = require("crypto");
// user submitted form with email + pwd
var pwd = req.params.pwd;
// fetch result from DB ...
// retrieve stored "hash:salt" value from DB and compare to pwd
var result = <RESULT>;
var meta = result.split(":");
var salt = Buffer.from(meta[1], "base64");
var hash = Buffer.from(meta[0], "base64");
// derive salted hash from the submitted password (PBKDF2 is a key-derivation function, not encryption);
// current Node requires an explicit digest, and it must match the one used when storing
var encrypted = crypto.pbkdf2Sync(pwd, salt, 10000, 64, "sha512");
// check if passwords match, using a constant-time comparison
if (hash.length !== encrypted.length || !crypto.timingSafeEqual(hash, encrypted)) {
  throw new Error("credentials unknown");
}
// user is logged in ...

var crypto = require("crypto");
var pwd = "topsecret";
// create random salt
var salt = crypto.randomBytes(64);
// derive salted hash (synchronous call, throws on error)
var encrypted = crypto.pbkdf2Sync(pwd, salt, 10000, 64, "sha512").toString("base64");
// combine hash + salt
var toBeStored = encrypted + ":" + salt.toString("base64");
// store in DB in one column ...
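
An added example, not part of the gist: the same store/verify pair with the digest and iteration count written into the stored value, so old records can still be verified after the parameters are raised and are flagged for re-hashing. The record layout, the function names `hashPassword` and `verifyPassword`, and the policy values are assumptions made for this example.

```javascript
const crypto = require("crypto");

// Assumed policy for this example (the gist uses 10000 iterations and 64-byte output).
const POLICY = { digest: "sha512", iterations: 10000, keylen: 64, saltlen: 64 };
const ALLOWED_DIGESTS = ["sha256", "sha512"];

// Assumed record layout: pbkdf2$<digest>$<iterations>$<salt b64>$<hash b64>
function hashPassword(pwd, policy = POLICY) {
  const salt = crypto.randomBytes(policy.saltlen);
  const key = crypto.pbkdf2Sync(pwd, salt, policy.iterations, policy.keylen, policy.digest);
  return ["pbkdf2", policy.digest, policy.iterations,
          salt.toString("base64"), key.toString("base64")].join("$");
}

// Returns { ok, needsRehash }. Malformed records fail closed instead of throwing.
function verifyPassword(pwd, record, policy = POLICY) {
  const fail = { ok: false, needsRehash: false };
  const parts = String(record).split("$");
  if (parts.length !== 5 || parts[0] !== "pbkdf2") return fail;
  const digest = parts[1];
  const iterations = Number(parts[2]);
  if (!ALLOWED_DIGESTS.includes(digest)) return fail;
  // Bound the work factor so a tampered record cannot stall the process.
  if (!Number.isInteger(iterations) || iterations < 1 || iterations > 10000000) return fail;
  const salt = Buffer.from(parts[3], "base64");
  const expected = Buffer.from(parts[4], "base64");
  if (salt.length === 0 || expected.length === 0) return fail;
  // Derive with the parameters the record was created with, then compare in constant time.
  const actual = crypto.pbkdf2Sync(pwd, salt, iterations, expected.length, digest);
  const ok = crypto.timingSafeEqual(actual, expected);
  // A correct password on a record weaker than current policy should be re-hashed and stored.
  const needsRehash = ok && (digest !== policy.digest || iterations < policy.iterations);
  return { ok, needsRehash };
}
```

When `needsRehash` is true, call `hashPassword` with the password just verified and overwrite the stored record.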