This article provides more details regarding the "Untrusted IP" criteria used for Multifactor Authentication (MFA), including whether the list of IP addresses it uses is public information and how it determines a high, medium, or low score.

• Multifactor Authentication (MFA)
• UntrustedIP

The Adaptive MFA Untrusted IP Assessor uses aggregated lists of IP addresses of known bad actors from across the internet to check if an IP address is present. The list is internal only.

How the score is determined is also proprietary, so the formula/logic cannot be shared. To expose the current definition would be a moving target, so the score is intentionally abstracted and an aggregate score provided. Moreover, the products are continually enhanced with new risk signals and assessments.