We could use nonces, salting and key stretching as well as minimum password age. Nonce is arbitrary
number that may only be used once. Salting is random data that is used as an additional input to a
one-way function that hashes a password or passphrase. Key stretching – Adding 1-2 seconds to
password verification. If an attacker is brute forcing password and need millions of attempts it
will become an unfeasible attack. Minimum password age is used to prevent users from cycling through
passwords to return to their favorite password again.