The original consensus cleanup proposal uses 600 seconds for the reasons I describe above.
The testnet4 implementation started out with 7200 seconds. This was to allow miners to use the system clock. But that was considered a bad idea and so it was reverted back to 600 here: Move maximum timewarp attack threshold back to 600s from 7200s by TheBlueMatt · Pull Request #30647 · bitcoin/bitcoin · GitHub
And so I’m proposing to bring it back to 7200, but not for the reason testnet4 initially did it.
As you say, anything less than 1 day is probably good enough.
Seperate from that is your observation here: Zawy’s Alternating Timestamp Attack