In Bot detection what is "When risky"

When enabling Bot Detection in the tenant, one of the options is the following:

"When Risky

Users are required to complete a CAPTCHA if the login is high risk."

Could someone explain what is considered a “high risk”? What are the criteria to decide that a login or sign up attempt is high risk?


That’s a good question. Let me reach out to the team to find out more about that!

Hey there!

It seems like I have an answer for you:

The Attack Protection intro page lists Bot Detection Risk Signals as associated with quality of IP traffic. If a user is trying to log in or create an account from an IP that could be part of a credential stuffing or list validation attack, that is what we mean by “high risk”.