Being asked a One Time Code 20 times a day is annoying.. uMatrix advice needed

Yep, point at the uMatrix user. Before you start sneering, I was already angry baby face on seeing the amount of 3rd-party and XHRs on the first visit to the new site. Joy, the Internet Surveillance Complex. The company mentioned being all-in to trying zero-knowledge authentication, but it appears to reliant on external and 'less trustworthy' operations that Elite Power Users® such as myself have uMatrix for.

Now for the actual question after my patronizing rant: What's the least amount of uMatrix pass-through compromise necessary to not get OTC on every page refresh?