I have a question in a past paper that asks me to “propose a method to stop an offline dictionary attack”.
I understand and have researched password salts (and peppers), but they can only really protect against rainbow table attacks. However, using a more sophisticated salt, e.g. SHA256 or BCrypt, just increases the time and better hardware needed to crack the passwords.
The question asks how to “stop” the attack. What could be done to “stop” a dictionary attack on Kerberos offline?