The backend is rejecting this request, as too many were made for this email recently. From a UI point of view, you might be able to proceed and request the 2FA code to the user anyway