With context-based authentication, your organization can create rules that determine, pre-authentication, whether and how a given authentication process should proceed based on context. For example, the IP address of a users machine is part of the Tor anonymity network, a known botnet, or an IP or subnet associated with known bad actors can be denied. By comparing a user’s current information with the corresponding information kept in a directory or user store, you can thwart attackers attempting to use credentials they have created.”]
Source: https://www.darkreading.com/authentication/moving-beyond-2-factor-authentication-with-context-