This is a banal IP address check.
The user visits the site => the site remembers his IP. If the user logs in from a different IP, then the site sends him a letter with a subject like "is it you or not you?".
From the point of view of programming (in PHP) it is done like this: $_SERVER['REMOTE_ADDR'] -- user ip, obtained when entering the site. When a user registers, his ip is stored in the database. And then, every time someone visits the site, the ip is checked. Those. you entered the site, entered your login and password, the program checks whether your ip matches the one you had before, and if not, it sends you a letter.
This is the simplest version. However, they usually check not only the ip address, but also its binding to the location. Those. there are many ip addresses that are tied, for example, to Moscow. The program can watch - your ip does not match, but it is tied to Moscow and last time you logged in with ip, which was also Moscow - then everything is ok. But if you go to the site and your ip is tied to Yekaterinburg, and the last time you logged in with an ip that was tied to Moscow, the site will send you a letter that a strange login has occurred.

IP + UA + some severity factor. What if the user is a traveller? Everything ingenious is simple