Would be nice to have the ability to set a max length of time (such as 24hrs) a user can be authenticated for and after that they are prompted for MFA