I'm looking for some examples of how to securely store passwords and other sensitive data using node.js and mongodb.
I want everything to use a unique salt that I will store along side the hash in the mongo document.
For authentication do I have to just salt and encrypt the input and match it to a stored hash?
Should I ever need to decrypt this data and if so how should I do it?
How are the private keys, or even salting methods securely stored on the server?
I've heard the AES and Blowfish are both good options, what should I use?
Any examples of how to design this would be wonderfully helpful!
Thanks!