2FA codes are time sensitive. As long as you enter the correct code within the time period, even if you entered wrong code before, it should work.
I am not saying that measures against brute force shouldn't be taken by LO, just 2FA doesn't work that way.
I am against SMS 2FA or 2FA that use proprietary apps in general.
SMS 2FA codes comes with other problems, like trouble with routing, making your code either arrive with big delay or never, essentially locking you out. Not to mention the SIM swapping threat (although this is mainly a targeted attack)
In my opinion Google Authentication compatible 2FA codes are the best in this case.