Too Long; Didn't Read
The most common authentication attack is brute force. Hackers have to spend a lot of time guessing passwords, like SHA-2. Captcha could be hidden and works in the background. Account authentication freeze prevents valuable accounts from brute force attacks. Two-factor authentication really helps and it's very hard to avoid. But be with Random class. You should use RNGCryptoService Provider to generate a cryptographically secure random number, such as one that's suitable for creating a random password.
Share Your Thoughts