diff --git a/composer.json b/composer.json
index 9579f03e2..11798e785 100644
--- a/composer.json
+++ b/composer.json
@@ -65,6 +65,7 @@
         "slim/psr7": "^1.7",
         "chillerlan/php-qrcode": "^5.0",
         "bacon/bacon-qr-code": "^3.0",
+        "endroid/qr-code": "*",
         "seeddms/core": "dev-seeddms-6.0.x",
         "seeddms/lucene": "dev-master",
         "seeddms/preview": "dev-master",
diff --git a/out/out.Setup2Factor.php b/out/out.Setup2Factor.php
index f754c864f..f2479c718 100644
--- a/out/out.Setup2Factor.php
+++ b/out/out.Setup2Factor.php
@@ -24,7 +24,7 @@ require_once("inc/inc.Authentication.php");
 
 $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
 $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
-$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
+$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings);
 
 if ($user->isGuest()) {
 	UI::exitError(getMLText("2_factor_auth"),getMLText("access_denied"));
diff --git a/views/bootstrap/class.Setup2Factor.php b/views/bootstrap/class.Setup2Factor.php
index f64f2c4b6..b7d6fb929 100644
--- a/views/bootstrap/class.Setup2Factor.php
+++ b/views/bootstrap/class.Setup2Factor.php
@@ -18,6 +18,7 @@ require "vendor/autoload.php";
 
 use RobThree\Auth\TwoFactorAuth;
 use RobThree\Auth\Providers\Qr\BaconQrCodeProvider;
+use RobThree\Auth\Providers\Qr\EndroidQrCodeProvider;
 
 /**
  * Class which outputs the html page for ForcePasswordChange view
@@ -92,8 +93,10 @@ $(document).ready( function() {
 		$this->columnStart(6);
 		$this->contentHeading(getMLText('2_factor_auth_new_secret'));
 
-//		$tfa = new \RobThree\Auth\TwoFactorAuth('SeedDMS: '.$sitename);
-		$tfa = new TwoFactorAuth(new BaconQrCodeProvider());
+		/* BaconQrCodeProvider requires imagick
+			$tfa = new TwoFactorAuth(new BaconQrCodeProvider());
+		 */
+		$tfa = new TwoFactorAuth(new EndroidQrCodeProvider());
 		$oldsecret = $user->getSecret();
 		$secret = $tfa->createSecret();
 ?>