diff --git a/internal/model/user.go b/internal/model/user.go
index 2d61a971..172c952f 100644
--- a/internal/model/user.go
+++ b/internal/model/user.go
@@ -56,6 +56,10 @@ func (u *User) IsAdmin() bool {
 	return u.Role == ADMIN
 }
 
+func (u *User) IsOtpEnabled() bool {
+	return u.OtpSecret != ""
+}
+
 func (u *User) ValidateRawPassword(password string) error {
 	return u.ValidatePwdStaticHash(StaticHash(password))
 }
diff --git a/server/webdav.go b/server/webdav.go
index 2b5c9618..b9048077 100644
--- a/server/webdav.go
+++ b/server/webdav.go
@@ -79,7 +79,7 @@ func WebDAVAuth(c *gin.Context) {
 		return
 	}
 	user, err := op.GetUserByName(username)
-	if err != nil || user.ValidateRawPassword(password) != nil {
+	if err != nil || user.IsOtpEnabled() || user.ValidateRawPassword(password) != nil {
 		if c.Request.Method == "OPTIONS" {
 			c.Set("user", guest)
 			c.Next()