DrKittens
commented
2 years ago When implementing this, if there is no internal NTP server to sync against (like 99.99% of non-enterprise use-cases) make sure to limit NTP queries to no more than once every half hour (pref longer) to avoid getting blacklisted for excessive requests.
The above timeframe is laid out in pool.ntp.orgs ToS here and likely differs for other public providers.
This will fix issues with code generation when the clock of the device is not set right. Other authenticators do this by default as well.