Two factor authentication: expiry of sent text message

I have been asked to research expiry times of text messages sent to a user that contain a login code.

In this journey a user will identify themselves on a website and then ask for a text message to be sent to their phone which contains a temporary pass code. They will enter this passcode into the website and be logged in.

My question: how long should this text code remain valid before it expires?

5 min? 20 min? any guidance?

Tags: UX Stack Exchange

Two factor authentication: expiry of sent text message

UX in 2018: The human element

Three Takeaways from the Hawai’i Missile False Alarm

UX in 2018: Content

UX in 2018: Design, Development, and Accessibility

The Power and Danger of Persuasive Design

Two factor authentication: expiry of sent text message

Related Posts