Does anyone know the expiration time on the code sent to users when they are going through the MFA in the password-reset process?
To clarify, this is referring to the code sent to the cellphone or email of a user. Does anyone know how long it lasts? 10 min? 20 min?
AFAIK, TTL for digital token is 5min