Which of the following is the BEST approach to mitigate online brute-force attacks on user accounts?

A.
Passwords stored in encrypted form

B.
User awareness

C.
Strong passwords that are changed periodically

D.
Implementation of lock-out policies

Explanation:

Implementation of account lock-out policies significantly inhibits brute-force attacks. In cases where this is not possible, strong passwords that are changed periodically would be an appropriate choice. Passwords stored in encrypted form will not defeat an online brute-force attack if the password itself is easily guessed. User awareness would help but is not the best approach of the options given.