[ckb1985]

Well I think the best way to prevent atacks like this is to eductate your staff on how people get their passwords in the first place. I mean instead of making some to function as a fix why not try to prevent password theft in the first place and cut off the problem at the source.


One thing that could be done is making sure staff know about trojans and key loggers and making sure that your staff have a current virus scanner. also maybe making the passwords alittle longer making them harder to brute force (but I dont think thats the problem because they are already alphanumeric and case sensative)