It took me an hour and a half to get on. This double check was terrible -- it would take 10 + minutes to get a code and then it was expired.
I see no reason for a code to not be valid for 30 minutes. Where is the flaw in that?
I also find the 2FA to be somewhat of a burden. If you have a sufficiently strong password, it would be nice if you could opt out of that.