diff --git a/packages/client/src/components/MkSignin.vue b/packages/client/src/components/MkSignin.vue
index 53d3c3d1b..4f5c6fcba 100644
--- a/packages/client/src/components/MkSignin.vue
+++ b/packages/client/src/components/MkSignin.vue
@@ -79,10 +79,10 @@
 						{{ i18n.ts.retry }}
 					</MkButton>
 				</div>
-				<div v-if="user && user.securityKeys" class="or-hr">
+				<div v-if="user && user.securityKeys && user.twoFactorEnabled" class="or-hr">
 					<p class="or-msg">{{ i18n.ts.or }}</p>
 				</div>
-				<div class="twofa-group totp-group">
+				<div v-if="user.twoFactorEnabled" class="twofa-group totp-group">
 					<p style="margin-bottom: 0">
 						{{ i18n.ts.twoStepAuthentication }}
 					</p>
@@ -247,25 +247,23 @@ function queryKey() {
 function onSubmit() {
 	signing.value = true;
 	console.log("submit");
-	if (!totpLogin.value && user.value && user.value.twoFactorEnabled) {
-		if (window.PublicKeyCredential && user.value.securityKeys) {
-			os.api("signin", {
-				username: username.value,
-				password: password.value,
-				"hcaptcha-response": hCaptchaResponse.value,
-				"g-recaptcha-response": reCaptchaResponse.value,
+	if (window.PublicKeyCredential && user.value.securityKeys) {
+		os.api("signin", {
+			username: username.value,
+			password: password.value,
+			"hcaptcha-response": hCaptchaResponse.value,
+			"g-recaptcha-response": reCaptchaResponse.value,
+		})
+			.then((res) => {
+				totpLogin.value = true;
+				signing.value = false;
+				challengeData.value = res;
+				return queryKey();
 			})
-				.then((res) => {
-					totpLogin.value = true;
-					signing.value = false;
-					challengeData.value = res;
-					return queryKey();
-				})
-				.catch(loginFailed);
-		} else {
-			totpLogin.value = true;
-			signing.value = false;
-		}
+			.catch(loginFailed);
+	} else if (!totpLogin.value && user.value && user.value.twoFactorEnabled) {
+		totpLogin.value = true;
+		signing.value = false;
 	} else {
 		os.api("signin", {
 			username: username.value,