One of the best ways to prevent password-based attacks is

                  to supplement passwords with other authentication techniques.
                  This approach, known as multifactor authentication, is discussed

                  in Chapter 13.


               One of the mistakes made by overzealous security administrators is to
               create a series of strong passwords and then assign them to users (who

               are then prevented from changing their password). At first glance, this
               seems to be a sound security policy. However, the first thing a user will
               do when they receive a password like 1mf0A8flt is write it down on a
               sticky note and put it under their computer keyboard. Whoops!
               Security just went out the window (or under the keyboard)!