Update tutorial and comments for A6 to match Node.js best practices

[jboyer2012]

According to Node's Crypto API docs, the default initialization vector used by the createCipher function is not random enough to protect against brute-force attacks. This code change updates the tutorial and comments for A6 to provide guidance on how to create a properly random IV for use in the AES256 algorithm.

[ckarande]

@jboyer2012 Thanks for the PR. A great suggestion.

A few minor items regarding conventions:

1. The project style guide needs using double quotes and semicolon at end of statements. Can you please update the PR to fix this error:

   app/data/profile-dao.js
   26 | return crypto.pbkdf2Sync(config.cryptoKey, salt, 100000, 512, 'sha512');
   ^ Strings must use doublequote.
   27 | }
   ^ Missing semicolon.

2. I just noticed an existing issue (not from your PR) with a comment on line 15 which says:
   // Fix for A7 - Sensitive Data Exposure
   Can you please also change A7 to A6

Other changes look great and I will merge the PR as soon as you update the PR. Thanks 👍

[jboyer2012]

@ckarande I have updated the code per your instructions. You're good to go to merge. Thanks for the help!