This article describes known scenarios where the authentication may time out.
When a user invokes the credential migration to another device, the dialog that shows the QR code and the text code will block authentications while it is open. The intention is that the user will not leave sensitive QR code visible on their screen for too long time.
We have UI improvements in the works to address this type of scenarios.
Bad network connectivity can cause timeouts, especially if there is any packet loss. From the Beyond Identity services perspective, the endpoint will just stop communicating with our services, and from the user's perspective, there is a delay in authentication and/or it will time out or fail.
A separate category of network-related issues are proxies that inspect HTTPS traffic and rewrite headers etc.
If the proxies are managed by your organization, please read the related article about known hosts.