The BEST method of protection is for people to use decent Alphanumeric Passwords, as they're much harder to crack. And I don't mean things like P455W0RD. That's easy. I mean things like...EtErnaL5thGuaRdiaN or something of the sort. It has Capitals, Lowercase, and a number. AND the mix of Upper and Lowercase would take considerable time to crack.
This isn't something that staff can impact. I would never use such a complex password myself since it would cause so many easy errors and I would have to re-enter it multiple times. I peronsonally do use passwords that are 20+ characters long, sometimes including "@", "_" or some numbers, etc. But Agin- staff can't simply force someone's hand in making a more secure password, and their suggestion is just as good as anyone's- using a strong password is simply common sense and yet we have come to this point. People will continue to choose to make their passwords easier for themselves, and in turn easier for others to crack; and again I refer to my suggestion as an alternative. I feel that even if a user chose a poor password- it'd be far from easy to name something so similar. Additionally; people may be stupid with those 'what is your angel name' type posts, but I was referring to things similar to how your bank may ask for you eldest aunt's name, or your first best friend's name as a secondary login step.
