We recommend that you implement a strict password policy in your Active Directory environment. One which incorporates complex requirements, password history, and age. This helps to ensure that you are better prepared for users being compromised by hackers and brute force password attacks. To do this, navigate to Computer Configuration > Windows Settings > Security Settings > Account Policies > Password Policy and set your policy as per guidelines. For best practices on password rules, click here.
In conjunction with a strong password policy for your Windows domain, it’s highly recommended to have one that coincides with a thoughtful account lockout policy. If a malicious actor has one of your users’ account names and is attempting a brute force attack, you can ensure the account is locked out after a set number of incorrect attempts. To learn more, click here.