Azure Active Directory Conditional Access has functionality for “Countries/Regions” – see https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition
That said, the most effective protection you can have against password spray attacks is to enable MFA and disable basic authentication. If you cannot do this for your entire organization, then blocking user access to legacy protocols like POP, EWS, IMAP and SMTP is another step you can take. Exchange Online Client Access Rules can help you to further customize (https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/client-access-rules/client-access-rules). For additional recommendations, please see Office 365 Secure Score.
That said, please know that we are listening to feedback and working on solutions to help make Office 365 users more secure. Thank you for the feedback.Mark Francis commented
This would be extremely useful.
My account is being tried by Chinese IPs. I'm having to try and block them on our firewall.
This feature is a MUST!
1,768 votesMark Francis commented
Management via Powershell would be great.
We have just had a mix up with shared configuration and switching to device based activation!
Now some internal pcs are counted against user's licence counts.
I have a list so i would like to be able to do this in powershell, delete machine xyz from user abc.
I would rather be able to do this than get the users to do it themselves.