diff --git a/op/op.Login.php b/op/op.Login.php
index 2eae79ce8..61022c92e 100644
--- a/op/op.Login.php
+++ b/op/op.Login.php
@@ -227,6 +227,23 @@ if (is_bool($user)) {
 		exit;
 	}
 
+	if($settings->_enable2FactorAuthentication) {
+		if($secret = $user->getSecret()) {
+			require "vendor/robthree/twofactorauth/lib/Providers/Qr/IQRCodeProvider.php";
+			require "vendor/robthree/twofactorauth/lib/Providers/Qr/BaseHTTPQRCodeProvider.php";
+			require "vendor/robthree/twofactorauth/lib/Providers/Qr/GoogleQRCodeProvider.php";
+			require "vendor/robthree/twofactorauth/lib/Providers/Rng/IRNGProvider.php";
+			require "vendor/robthree/twofactorauth/lib/Providers/Rng/MCryptRNGProvider.php";
+			require "vendor/robthree/twofactorauth/lib/TwoFactorAuthException.php";
+			require "vendor/robthree/twofactorauth/lib/TwoFactorAuth.php";
+			$tfa = new \RobThree\Auth\TwoFactorAuth('SeedDMS');
+			if($tfa->verifyCode($secret, $_POST['twofactauth']) !== true) {
+				_printMessage(getMLText("login_error_title"),	getMLText("login_error_text"));
+				exit;
+			}
+		}
+	}
+
 	/* Clear login failures if login was successful */
 	$user->clearLoginFailures();