Best Practices Crypto Algorithms

I've always wanted just a nice simple list of what crypto algorithms go where. Finally, from Web Security 2.0:

• AES256 in GCM mode for encryption
• HMAC-SHA512 for integrity protection
• SHA-256 or SHA-512 with salt for hashing
• PBKDF2 or bcrypt for passwords, see here for a comparison between the two.
• /dev/urandom or RtlGenRandom/CryptGenRandom for random numbers