Note, since the question was about encrypting messages rather than passwords: If you're encrypting small messages rather than hashing passwords, Go's secretbox package—as part of its NaCl implementation—is the way to go. If you're intent on rolling your own—and I strongly recommend against it, unless it stays within your own dev environment—then AES-GCM is the way to go here.
Otherwise, most of the below still applies:
1. Symmetric encryption isn't useful for passwords. There should be no reason why you need the plaintext back—you should only care about comparing hashes (or, more precisely, derivative keys).
2. PBKDF2, compared to scrypt or bcrypt, is not ideal (10002 rounds, in 2015, is probably a bit low too). scrypt is memory-hard and much harder to parallelize on a GPU, and in 2015, has had a sufficiently long life as to make it safer than bcrypt (you would still use bcrypt in cases where the scrypt library for your language wasn't great).
3. MAC-then-encrypt has issues - you should encrypt-then-MAC.
4. Given #3, you should use AES-GCM (Galois Counter Mode) over AES-CBC + HMAC.
Go has a great bcrypt package with an easy-to-use API (generates salts for you; securely compares).
I also wrote an scrypt package that mirrors that package, as the underlying scrypt package requires you to validate your own params and generate your own salts.