Explore the common pitfalls and mistakes in implementing cryptography through this conference talk from GrrCon 2016. Delve into the world of custom single sign-on systems and their vulnerabilities, examining real-world examples of poor cryptographic implementations. Learn about length extension attacks, preimage attacks, and the importance of HMAC. Discover the prevalence of obsolete crypto primitives, short keys, and static initialization vectors in custom SSO solutions. Analyze the implications of these errors for application security and understand why rolling your own crypto is generally discouraged. Gain insights into proper cryptographic implementation techniques, explore resources for learning cryptography, and understand why cryptography poses unique challenges for developers.