The best way to protect against brute-force attacks is by implementing a layered approach that includes increasing password complexity, enforcing password manager rules, limiting failed login attempts, and encrypting data using 256-bit encryption and password hashes.
Increasing the complexity of passwords makes them difficult to crack, reducing the time required to decrypt them. Organizations should also enforce strict password manager rules, like a minimum passphrase length or compulsorily enabling special characters during login.
Limiting failed login attempts further helps protect networks by locking users out after repeated attempts have been made.
MOre info: Probationary Period for Employees