From b66d8744fface4488d74969b49438f06d86df6db Mon Sep 17 00:00:00 2001
From: Isaac Riehm <32783392+isaacriehm@users.noreply.github.com>
Date: Wed, 26 Nov 2025 09:49:46 -0700
Subject: [PATCH] fix(two-factor): remove incorrect blocking logic in OTP setup
 and verification (#6322)

---
 packages/better-auth/src/plugins/two-factor/otp/index.ts | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/packages/better-auth/src/plugins/two-factor/otp/index.ts b/packages/better-auth/src/plugins/two-factor/otp/index.ts
index 3743edeb40..e2f31854f6 100644
--- a/packages/better-auth/src/plugins/two-factor/otp/index.ts
+++ b/packages/better-auth/src/plugins/two-factor/otp/index.ts
@@ -177,11 +177,6 @@ export const otp2fa = (options?: OTPOptions | undefined) => {
 				});
 			}
 			const { session, key } = await verifyTwoFactor(ctx);
-			if (!session.user.twoFactorEnabled) {
-				throw new APIError("BAD_REQUEST", {
-					message: TWO_FACTOR_ERROR_CODES.OTP_NOT_ENABLED,
-				});
-			}
 			const code = generateRandomString(opts.digits, "0-9");
 			const hashedCode = await storeOTP(ctx, code);
 			await ctx.context.internalAdapter.createVerificationValue({