Among the countermeasures for brute force attacks such as Two-Factor Authentication (2FA), salting, login throttling, key stretching, or Complex password. Which would be the most effective against brute force attacks?
Using multi-factor authentication, long and complex passwords, strong encryption algorithms with long key, and so on are some of the techniques we employ to protect ourselves from Brute Force attacks. We have to apply all the techniques mentioned in the question in defense-in-depth approach. There is no single cure for brute force attack, rather we got to use a couple of mechanisms instead of relying on a single approach. I would recommend salting, for example, to increase the randomness of our password and make it unguessable. All in all, the issue should be addressed by layered defense mechanisms instead of relying on single protection.