Quote Originally Posted by worldofneil View Post
Although other websites will have their own rules, in my experience it's common that anything requiring a one time password would accept the current password, but also the password before AND the password after (so increasing the login window size from 30 seconds to 1 minute and 30 seconds). This is why with other websites you can still submit as password as it's about to change, but with XIV as soon as the password changes, it's instantly denied.

It'd be nice if SE would change their system to do this as well, but I'm just happy they're using a standard authenticator now so I'll live with it. If your password is about to timeout, just wait for it to change first
That.. sounds pretty dangerous. The longer the window the more likely that those phishing sites would get hold of the victims’ accounts, which defeats the part of the point of having 2FA.

I actually switched from the SE’s own app to Microsoft’s Authenticator in hopes of a shorter window, because SE’s own one felt pretty long.