Q1: Once I receive the authentication code via email or text, how long is it valid for?
A1: It is valid until you close the browser session or request another authentication code.
Q2: A previous question (Part 2, Question 5) asked about locking the account if the authentication code was entered incorrectly. Will there be a limitation on the times a user can attempt to login with their username, password and access code (formerly Security code) before they will prompted for MFA? (Updated 10/5)
A2: Yes. Once a user has attempted to login three (3) times unsuccessfully because they do not know their password they will be required to re-authenticate via MFA on the fourth attempt The purpose is to prevent cyber criminals from making automated attempts of randomizing and finding your password. Cyber Criminals can crack strong 16-character passwords in less an hour.