[ad_1]
Thank you for trying our plugin.
In the Free edition of the plugin the one-time code sent over email is valid until it is used, or until there is a failed 2FA login attempt. So if someone tries to log in and enters the wrong code, the plugin generates a new code and sends it to the user. This is a security feature to protect against brute force attacks.
You can set one-time codes over email to expire when using the Premium edition of the plugin.
I hope the above helps. Should you have any more questions, please do not hesitate to ask.
Have a great day.
Thanks, @robert681 for your informative response. Really appreciate it.