Enforce a password policy. By requiring passwords to be of a certain length and to contain lowercase letters, uppercase letters, numerals, and/or symbols, a simple dictionary attack will not work on the system.
Enforce a password change policy. By requiring passwords to be changed on a regular basis, an attacker might not have enough time to brute-force a potential password. However, strict password change policies can frustrate users and weaken passwords by causing users to follow patterns, such as using password1, password2, etc.
Use Log Monitoring Software. Vigilantly monitoringlogs of invalid password attempts may help an organization detect brute force attacks, potentially giving the organization time to respond before the attack has been successful.