The rise in machine-enabled password attacks and the cost per record lost in an average case of a data breach necessitate the need for a more robust technique for combating password attacks. Organizations of different sizes and global reputation have been victims of cyber-attacks. The problem of cyber-attacks has attracted several research responses from researchers with some attending results. This article presents the Dual Combat Technique-based Cyber-Systems protection against password attack. The proposed system utilizes a-three-tier model for detection, notification, and combat. The dual combat technique involves the System Protection Model (SPM) and the User Protection Model (UPM). While the SPM implemented a time delay algorithm powered by a geometric progression model, the UPM uses a dual handshake method for data communication between the user and the server. In the first instance, the UPM sends data to the Cyber-system server through an HTTP Request over an SMS gateway to virtualize a user’s account upon a trigger by the attack detection model. In the second instance, the deactivation of the virtualization operation uses the authentication of the user’s email and phone number. The result of the work presents a system that introduces a time-delay after a number of login attempts defined by a certain threshold value, and a user response action for account virtualization. The application testing presented a success rate of 90.16% on the number of times the request response was induced over an eight-day period of testing and 9.84% failed attempts.