Split page web sites autofill the texted 5 digit code as the new login

Type your login credentials for the website and click Login or Sign in.
Does not complete the process. When the second page comes up and requests the 5 digit code texted to me, Norton PWD manager auto-saves that code as my new login. I now have a bank login on NPM with over 30 logins stored with the 5 digit codes as the password.
I then have to go in manually and search and destroy the bogus logins.

QUESTION: How can I:
1) make NPM require OK to save this bogus code?
2) Avoid the 5 digit codes from creating a new NPM