Yes. You have to be aware of all timeout is the authentication stack.
Are these really two devices? Or are the devices linked to the same Cloud account? Then they probably have the same firebase_token. So for the push service, this is one device.
This is fine. You can unconfigure this is rlm_perl.ini.