diff --git a/post.php b/post.php
index 9e563c69..1b6b9bb0 100644
--- a/post.php
+++ b/post.php
@@ -148,6 +148,7 @@ if(isset($_POST['edit_user'])){
     $role = intval($_POST['role']);
     $existing_file_name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['existing_file_name'])));
     $extended_log_description = '';
+    $two_fa = $_POST['2fa'];
 
     if(!file_exists("uploads/users/$user_id/")) {
         mkdir("uploads/users/$user_id");
@@ -211,6 +212,11 @@ if(isset($_POST['edit_user'])){
         $extended_log_description .= ", password changed";
     }
 
+    if(!empty($two_fa) && $two_fa == 'disable'){
+      mysqli_query($mysqli, "UPDATE users SET user_token = '' WHERE user_id = '$user_id'");
+      mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'User', log_action = 'Modify', log_description = '$session_name disabled 2FA for $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_user_id = $session_user_id, company_id = $session_company_id");
+    }
+
     //Update User Settings
     mysqli_query($mysqli,"UPDATE user_settings SET user_role = $role, user_default_company = $default_company WHERE user_id = $user_id");
 
diff --git a/settings-user.php b/settings-user.php
index 809a8a82..33869c51 100644
--- a/settings-user.php
+++ b/settings-user.php
@@ -86,12 +86,18 @@ $sql_recent_logs = mysqli_query($mysqli,"SELECT * FROM logs
           
         </form>
 
+        <hr>
+
+        <h3>2-Factor Authentication</h3>
+
         <form class="p-3" action="post.php" method="post" autocomplete="off">
         
           <?php if(empty($session_token)){ ?>
-            <button type="submit" name="enable_2fa" class="btn btn-primary mt-3 float-right"><i class="fa fa-fw fa-lock"></i> Enable 2FA</button>
+            <p>You have not setup 2FA, click on enable to setup 2FA.</p>
+            <button type="submit" name="enable_2fa" class="btn btn-primary mt-3"><i class="fa fa-fw fa-lock"></i> Enable 2FA</button>
           <?php }else{ ?>
-            <button type="submit" name="disable_2fa" class="btn btn-danger mt-3 float-right"><i class="fa fa-fw fa-unlock"></i> Disable 2FA</button> 
+            <p>You have setup 2FA. Your QR code is below.</p>
+            <button type="submit" name="disable_2fa" class="btn btn-danger mt-3"><i class="fa fa-fw fa-unlock"></i> Disable 2FA</button>
           <?php } ?>        
 
         <center>
@@ -124,7 +130,7 @@ $sql_recent_logs = mysqli_query($mysqli,"SELECT * FROM logs
             <div class="input-group-prepend">
               <span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
             </div>
-            <input type="text" class="form-control" name="code" placeholder="Verify Code" required>
+            <input type="text" class="form-control" name="code" placeholder="Verify 2FA Code" required>
             <div class="input-group-append">
               <button type="submit" name="verify" class="btn btn-primary">Verify</button>
             </div>
diff --git a/user_edit_modal.php b/user_edit_modal.php
index a15df457..c158b4fd 100644
--- a/user_edit_modal.php
+++ b/user_edit_modal.php
@@ -99,6 +99,23 @@
             <label>Avatar</label>
             <input type="file" class="form-control-file" accept="image/*;capture=camera" name="file">
           </div>
+
+          <?php if(!empty($user_token)) { ?>
+
+            <div class="form-group">
+              <label>2FA</label>
+              <div class="input-group">
+                <div class="input-group-prepend">
+                  <span class="input-group-text"><i class="fa fa-fw fa-id-card"></i></span>
+                </div>
+                <select class="form-control" name="2fa">
+                  <option value="">Keep enabled</option>
+                  <option value="disable">Disable</option>
+                </select>
+              </div>
+            </div>
+
+          <?php } ?>
                    
         </div>
         <div class="modal-footer bg-white">
diff --git a/users.php b/users.php
index 9af2c4cc..f493e73e 100644
--- a/users.php
+++ b/users.php
@@ -85,6 +85,7 @@
             $user_name = $row['user_name'];
             $user_email = $row['user_email'];
             $user_avatar = $row['user_avatar'];
+            $user_token = $row['user_token'];
             $user_default_company = $row['user_default_company'];
             $user_role = $row['user_role'];
             if($user_role == 3){
