Password attack mitigation techniques are as follows:

• Do not allow users to have the same password on multiple systems. Most users use the same password for each system they access, and often personal system passwords are also the same.

• Disable accounts after a specific number of unsuccessful logins. This practice helps to prevent continuous password attempts.

• Do not use plain-text passwords - Use of either an OTP or encrypted password is recommended.
  

• Use strong passwords - Strong passwords are at least eight characters long and contain uppercase letters, lowercase letters, numbers, and special characters. Many systems now provide strong password support and can restrict a user to the use of strong passwords only.

- CITC - NTS Support Centre