diff --git a/internal/model/user.go b/internal/model/user.go
index 8ea1ef1a..741a4e39 100644
--- a/internal/model/user.go
+++ b/internal/model/user.go
@@ -63,6 +63,10 @@ func (u *User) IsAdmin() bool {
 	return u.Role.Contains(ADMIN)
 }
 
+func (u *User) IsOtpEnabled() bool {
+	return u.OtpSecret != ""
+}
+
 func (u *User) ValidateRawPassword(password string) error {
 	return u.ValidatePwdStaticHash(StaticHash(password))
 }
diff --git a/server/webdav.go b/server/webdav.go
index e0980139..92658f95 100644
--- a/server/webdav.go
+++ b/server/webdav.go
@@ -95,7 +95,7 @@ func WebDAVAuth(c *gin.Context) {
 		return
 	}
 	user, err := op.GetUserByName(username)
-	if err != nil || user.ValidateRawPassword(password) != nil {
+	if err != nil || user.IsOtpEnabled() || user.ValidateRawPassword(password) != nil {
 		if c.Request.Method == "OPTIONS" {
 			c.Set("user", guest)
 			c.Next()