It is recommended that you implement a strict password policy in your Active Directory environment. One which incorporates complexity requirements, password history, and age. This helps to ensure that you are better prepared for users being compromised by hackers and brute force password attacks. To do this navigate to Computer Configuration > Windows Settings > Security Settings > Account Policies > Password Policy and set your policy as per guidelines. For best practices about password rules, click here.
In conjunction with a strong password policy for your Windows domain, it’s highly recommended to have that coincide with a thoughtful account lockout policy. If a malicious actor has one of your users’ account names and is attempting a brute force attack, you can ensure this account is locked out after a set amount of incorrect attempts. To learn more, click here.