Isak, a security professional within an organization, has detected anomalies in the user accounts on a web server. In order to mitigate potential threats, he has chosen to enhance the security of the web server by implementing countermeasures to protect the accounts. Which of the following countermeasures should Isak implement to secure the user accounts on the web server?