diff --git a/public/auth/twofactor.php b/public/auth/twofactor.php
index 6aa18cfe..8174c75c 100644
--- a/public/auth/twofactor.php
+++ b/public/auth/twofactor.php
@@ -42,9 +42,11 @@ while (!empty($twofactor->value('array'))) {
         break;
     }
 
+    $givenCode = $twofactor->code->value('string', '');
     $currentCode = totp_generate($tokenInfo['user_totp_key']);
+    $previousCode = totp_generate($tokenInfo['user_totp_key'], time() - 30);
 
-    if ($currentCode !== $twofactor->code->value('string', '')) {
+    if ($currentCode !== $givenCode && $previousCode !== $givenCode) {
         $notices[] = sprintf(
             "Invalid two factor code, %d attempt%s remaining",
             $remainingAttempts - 1,
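Review bot: The rewritten `if` line still compares the submitted code against the generated TOTP values with `!==`, which is not a constant-time comparison; since both sides are secrets, use `hash_equals()` instead, e.g. `if (!hash_equals($currentCode, $givenCode) && !hash_equals($previousCode, $givenCode)) {` (this assumes `totp_generate` returns a string, as `hash_equals` requires). Accepting the previous step on the `$previousCode` line also means a code that has just been accepted remains valid for up to 60 seconds, so unless a last-used-step check exists elsewhere in the file, consider recording the time step of the accepted code and rejecting any code whose step is not newer, as RFC 6238 recommends. The literal `30` presumably mirrors the step length inside `totp_generate`; sourcing both from one constant would keep them from drifting apart. The enclosing `while` body continues outside the hunk.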