In this talk I will provide practical guidelines for using cryptography in many common software engineering tasks. Will cover several common pitfalls of how we can take secure tools and build insecure applications. Some tasks we will discuss include: Encrypting, authentication, session management, data bleaching, and one time tokens. The talk is geared towards experienced software engineers who have limited background in cryptology (e.g 0-2 college courses on crypto & security).