Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity Awareness Month 2022: Using Strong Passwords and a Password Manager

Cybersecurity Awareness Blog 2022 Image

The key behavior that we are highlighting this week for Cybersecurity Awareness Month is using strong passwords and a password manager. In today’s blog we interviewed NIST’s Connie LaSalle, a senior technology policy advisor, and she offers four specific ways to mitigate your cybersecurity risks online while discussing the importance of adopting strong passwords.

Take a look at her responses to our questions below…

This week’s Cybersecurity Awareness Month theme is using strong passwords and a password manager. How does your work/specialty area at NIST tie into this behavior?

As a senior technology policy advisor, I help NIST teams interpret, anticipate, and formulate a position on matters of policy that may affect our role or our work, including issues related to identity, credential, and access management (ICAM). Additionally, as an ICAM subject matter expert, I contribute to NIST guidance, such as Special Publication 800-63, Digital Identity Guidelines, which offers direction on several ICAM topics, including those highlighted as this week’s key behavior. 

What is the easiest way to stay safe online?

Just like in the physical world around us, we should all be aware of our surroundings online. Social engineering attacks, phishing, mis/disinformation campaigns, scams, and many other nefarious activities are increasingly sophisticated and common, so being a skeptical consumer of information is generally a good rule of thumb. For groups and individuals who may be at high risk of targeted attacks or harassment, both online and offline, it is especially important to monitor your digital footprint and be conscientious about which technologies (and people) you decide to trust with your information. Tying this back to our theme, one helpful habit that everyone can adopt is use of strong passwords – or, even better, multi-factor authentication that is phishing-resistant, where possible.

What are three things you can do to minimize cybersecurity risks to a person or businesses?

I’ll offer three things and a bonus fourth. Mitigating risk, whether you are an individual or a business, comes down to a few buckets of action that translate across contexts —

  1.  understand your environment (e.g., people, their preferences and needs, assets for which you are responsible or upon which you are reliant, etc.)
  2. understand risks to your environment
  3. take action to manage risks based on their relevance to your environment and your priorities
  4. have a backup plan when something unexpected happens

What does #BeCyberSmart mean to you?

Knowledge is power. Taking a few steps to arm yourself with information about online safety can make a difference, and not just in the digital world.

What is your favorite thing about working at NIST? 

NIST’s culture of excellence permeates everything we do in a palpable way. It is motivating to be surrounded by so many people who care deeply about their work and each other. That aspect of our culture has undoubtedly contributed to the cybersecurity program’s five-decade track record of impactful and relevant work.

About the author

Connie LaSalle

Connie LaSalle is a Senior Technology Policy Advisor within the NIST IT Lab. Prior to joining NIST, Connie led the Platform Program and Federal Customer Success teams at DC-based startup Virtru. In the years leading up to this role, Connie served as the lead policy advisor to the Chief Information Officer of the U.S. Department of Justice and led several cybersecurity and IT modernization initiatives within the White House Office of Management and Budget. Beyond her government service, Connie brings several years of industry experience with her to NIST and holds a graduate degree in public policy.


Add new comment

Enter the characters shown in the image.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Please be respectful when posting comments. We will post all comments without editing as long as they are appropriate for a public, family friendly website, are on topic and do not contain profanity, personal attacks, misleading or false information/accusations or promote specific commercial products, services or organizations. Comments that violate our comment policy or include links to non-government organizations/web pages will not be posted.