There's probably a vague/inconsistent (possibly "AI") threat-score / heuristic. I've heard of extra security requirements being imposed for like 30 days or so when you haven't accessed for a long time (or on a new machine?) and it's just ironic how they currently put you in a catch-22