Microsoft has released a preview of a tool to block this kind of attack. The tool prevents users from setting a password from the companys list of the 500 most common and easily-guessed examples, including around one million of the most frequent character substitutions. Users can supplement this with a list of blocked passwords that might be specific to their organisation. Microsoft has also released a second tool, Smart Lockout, which uses cloud intelligence to lock out bad actors who are trying to guess your users passwords.”]