While I applaud ME's inclusion of two-factor authentication in ADmanager, it doesn't seem to have been implemented with any forethought with regards to usability. If you have a session timeout of 15-20 minutes, you're basically forced to 2-factor auth back into ADmanager 12-20 times per typical work day. Also, what happens if a technician forgets his/her phone at home? There is no temporary "exception" process.

Please implement a "remember me on this computer" setting that allows us to define how long that 2FA trust lasts -- for example, on many sites that have 2FA, this lasts for 14 or 30 days. Also, allow for a temporary (configurable) exception for cases as I described.