If a user receives an OTP token and for some reason this token is not used to login, the next time the user provides the correct credentials he/she won't receive a new OTP.
If the user enters the previouly sent OTP token (it doesn't matter how many days have passed), the user won't receive another token.
In other words, if the e-mail with token is blocked (i.e by a spam filter), the user will never again receive another token via e-mail.
The workaround I found is to manually delete the corresponding entry for the given user in the glpi_plugin_mfa_mfas table.
If a user receives an OTP token and for some reason this token is not used to login, the next time the user provides the correct credentials he/she won't receive a new OTP.
If the user enters the previouly sent OTP token (it doesn't matter how many days have passed), the user won't receive another token.
In other words, if the e-mail with token is blocked (i.e by a spam filter), the user will never again receive another token via e-mail.
The workaround I found is to manually delete the corresponding entry for the given user in the
glpi_plugin_mfa_mfastable.