There is no real way to completely prevent brute-force attacks on passwords, but it is possible to mitigate the risk. Choosing suitable passwords and putting in place lockouts that restrict access after x number of failed login attempts will significantly assist in reducing the risk of brute-force attacks. Additionally, you can look at using other forms of authentication, such as two factor, rather than passwords. A number of two-factor authentication systems, like RSA's SecureID token system, are supported on Linux. Other two-factor systems are supported on Linux via PAM or RADIUS.
This was first published in January 2007