What about bbno$. Even he switches it up from time to time. Keeps you on your toes.

Am an admin, funny thing about conditional access, we use various conditions but one is geolocation; we bar all logins outside of three countries relevant to our workers. We employed it mostly due to a continuous low-threat brute force campaign targeting a few exposed accounts that my data analysis had identified. In testing it out from Red Team’s perspective I quickly realized that conditional access will indeed prevent a login outside of the whitelisted countries, but it will gladly let the attacker know that the reason the login failed was due to conditional access and not an incorrect username/password. So all Red Team has to do is brute force the password and then VPN over to our country of operation and they’re in.