What happens when a user has two unused one time password (OTP) emails and deletes the emails?
How will Defender know to send out another Email OTP?
Can unused OTP's be configured to expire after 24 or 48 hours?
Some users VPN in 1-2 times a month and some daily.
The "Responses per Mail" is the setting to be aware of here. As per the Configuration Guide:
"The responses must be used sequentially. The penultimate or last response will trigger the sending of a new E-mail OTP."
If users are deleting the emails and not using the responses then Defender won't know to send a new one.
In terms of available settings, please refer to page 66 of the Configuration Guide.