As it is, you can only re-enable it once it's turned off, but once it is turned back on, customers are not able to turn it off again.
It would be easier for customers to have the freedom to do so permanently, Especially when it is unclear which security setting on the network or computer is rejecting the code they receive via email.
Not everyone knows how to turn off pop-up/adblockers on their browser or even turn off/on the security software on their pc, much less whitelist port 443 on their routers.
Even if Support can assist to a certain degree, if it's whitelisting port 443, not all routers have the same options. Not all agents have the knowledge to whitelist it on a network device as it's beyond support boundaries for regular support.
Nor does the customer always have access to its login. If the customer's need is imminent, they'll need a way to bypass this feature until they have time to work on it.