Preventing dictionary attacks on a web application

Question

What\'s the best way to prevent a dictionary attack? I\'ve thought up several implementations but they all seem to have some flaw in them:

1. Lock out a user after X

Answer 1

You could disallow passwords that contain dictionary words if you are programming for an application where security is really important. You don't have to allow QWERTY as a valid password.