Hello.
After five incorrect attempts, an exponential timeout lockout process will begin, temporarily locking out the user's account.
https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html
After five unsuccessful attempts to present an MFA code, Amazon Cognito begins the exponential-timeout lockout process described at Lockout behavior for failed sign-in attempts.
To clear the lockout, the user must either successfully sign in after the lockout period has elapsed, or not attempt to sign in for 15 consecutive minutes at any point after being locked out.
https://docs.aws.amazon.com/cognito/latest/developerguide/authentication.html#authentication-flow-lockout-behavior
After five failed unauthenticated or IAM-authorized sign-in attempts with a password, Amazon Cognito locks out your user for one second. The lockout duration then doubles after each additional one failed attempt, up to a maximum of approximately 15 minutes. Attempts made during a lockout period generate a Password attempts exceeded exception, and don't affect the duration of subsequent lockout periods. For a cumulative number of failed sign-in attempts n, not including Password attempts exceeded exceptions, Amazon Cognito locks out your user for 2^(n-5) seconds. To reset the lockout to its n=0 initial state, your user must either sign in successfully after a lockout period expires, or not initiate any sign-in attempts for 15 consecutive minutes at any time after a lockout. This behavior is subject to change. This behavior doesn't apply to custom challenges unless they also perform password-based authentication.