diff --git a/login.php b/login.php
index d74b861b..ecd12b1b 100644
--- a/login.php
+++ b/login.php
@@ -15,15 +15,14 @@ if(isset($_POST['login'])){
   if(mysqli_num_rows($sql) == 1){
     $row = mysqli_fetch_array($sql);
     $token = $row['token'];
+    $_SESSION['user_id'] = $row['user_id'];
+    $_SESSION['name'] = $row['name'];
+    $_SESSION['client_id'] = $row['client_id'];
+    $client_id = $row['client_id'];
     
     if(empty($token)){
       $_SESSION['logged'] = TRUE;
-      $_SESSION['user_id'] = $row['user_id'];
-      $_SESSION['name'] = $row['name'];
-      $_SESSION['client_id'] = $row['client_id'];
-      $client_id = $row['client_id'];
-      
-
+         
       if($client_id > 0){
         header("Location: client.php?client_id=$client_id");
       }else{
@@ -35,10 +34,6 @@ if(isset($_POST['login'])){
 
       if(TokenAuth6238::verify($token,$current_code)){
         $_SESSION['logged'] = TRUE;
-        $_SESSION['user_id'] = $row['user_id'];
-        $_SESSION['name'] = $row['name'];
-        $_SESSION['client_id'] = $row['client_id'];
-        $client_id = $row['client_id'];
         header("Location: $config_start_page");
       }else{
         $response = "
@@ -108,7 +103,7 @@ if(isset($_POST['login'])){
           <div class="form-group">
             <div class="form-label-group">
               <input type="text" id="inputToken" name="current_code" class="form-control" placeholder="2FA Token if applicable">
-              <label for="inputToken">Token</label>
+              <label for="inputToken">2FA Token</label>
             </div>
           </div>
           <button class="btn btn-primary btn-block" type="submit" name="login">Login</button>
diff --git a/post.php b/post.php
index 71db8cbf..94834107 100644
--- a/post.php
+++ b/post.php
@@ -115,13 +115,23 @@ if(isset($_POST['edit_invoice_settings'])){
 
 }
 
-if(isset($_POST['settings_2fa'])){
+if(isset($_POST['enable_2fa'])){
 
     $token = mysqli_real_escape_string($mysqli,$_POST['token']);
 
     mysqli_query($mysqli,"UPDATE users SET token = '$token' WHERE user_id = $session_user_id");
 
-    $_SESSION['alert_message'] = "Updated User Token";
+    $_SESSION['alert_message'] = "2FA Enabled and Token Updated";
+
+    header("Location: " . $_SERVER["HTTP_REFERER"]);
+
+}
+
+if(isset($_POST['disable_2fa'])){
+
+    mysqli_query($mysqli,"UPDATE users SET token = '' WHERE user_id = $session_user_id");
+
+    $_SESSION['alert_message'] = "2FA Disabled you can now login without an additional code";
 
     header("Location: " . $_SERVER["HTTP_REFERER"]);
 
diff --git a/settings-user.php b/settings-user.php
index e92241ce..2f0e278f 100644
--- a/settings-user.php
+++ b/settings-user.php
@@ -6,15 +6,10 @@
 
 <div class="card mb-3">
   <div class="card-header">
-    <h6 class="float-left mt-1"><i class="fa fa-fw fa-cog mr-2"></i>User Settings</h6>
+    <h6 class="float-left mt-1"><i class="fa fa-fw fa-lock mr-2"></i>Two Factor Authentication</h6>
   </div>
   <div class="card-body">
     <form class="p-3" action="post.php" method="post" autocomplete="off">
-      <input type="hidden" name="secretkey" value="<?php echo $secret_key; ?>">
-      <div class="custom-control custom-switch mb-2">
-        <input type="checkbox" class="custom-control-input" name="en2fa" <?php if($en2fa == 1){ echo "checked"; } ?> value="1" id="customSwitch1">
-        <label class="custom-control-label" for="customSwitch1">Enable Two Factor Authentication</label>
-      </div>
 
      <?php
         
@@ -23,22 +18,29 @@
         //Generate a base32 Key
         $secretkey = key32gen();
         
-        //Generate QR Code based off the generated key
-        print sprintf('<img src="%s"/>',TokenAuth6238::getBarCodeUrl('','',$secretkey,'PittPC-CRM'));
+        if(!empty($session_token)){ 
+          //Generate QR Code based off the generated key
+          print sprintf('<img src="%s"/>',TokenAuth6238::getBarCodeUrl('','',$session_token,'PittPC-CRM'));
+        }
   
       ?>
       
       <input type="hidden" name="token" value="<?php echo $secretkey; ?>">
+     
       <hr>
-      <button type="submit" name="settings_2fa" class="btn btn-primary">Enable</button>        
+
+      <?php if(empty($session_token)){ ?>
+        <button type="submit" name="enable_2fa" class="btn btn-primary">Enable 2FA</button>
+      <?php }else{ ?>
+        <button type="submit" name="disable_2fa" class="btn btn-danger">Disable 2FA</button> 
+      <?php } ?>      
     
     </form>
 
-    <hr>
-
+    <?php if(!empty($session_token)){ ?>
     <form class="p-3" action="post.php" method="post" autocomplete="off">
       <div class="form-group">
-        <label>Enter Code</label>
+        <label>Verify 2FA is Working</label>
         <div class="input-group">
           <div class="input-group-prepend">
             <span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
@@ -48,10 +50,8 @@
       </div>
       <hr>
       <button type="submit" name="verify" class="btn btn-primary">Verify</button>        
-    
     </form>
-
-
+    <?php } ?>
   </div>
 </div>