This is the backend side API it's talking about.I don't care either way.
I'd say no. It's fine ... except it's not fine if the only 2FA option that is working is the email one ... because when I try and add my Authy to it ... it errors out and says it can't generate a code to register in my authenticator app
"Invalid API key"
I don't know what it is asking of me.
I used the email option and it hasn't pestered me enough since then to bother complaining about it.
I think it would be good if you changed the 2fa code requirement to run every 60 days. 90 I think is a bit long, and 30 isnt long enough.