diff --git a/apps/common/permissions.py b/apps/common/permissions.py
index b6ba60ac9..7ce39e1a4 100644
--- a/apps/common/permissions.py
+++ b/apps/common/permissions.py
@@ -62,16 +62,22 @@ class UserConfirmation(permissions.BasePermission):
 
         confirm_level = request.session.get('CONFIRM_LEVEL')
         confirm_time = request.session.get('CONFIRM_TIME')
-
+        ttl = self.get_ttl()
         if not confirm_level or not confirm_time or \
                 confirm_level < self.min_level or \
-                confirm_time < time.time() - self.ttl:
+                confirm_time < time.time() - ttl:
             raise UserConfirmRequired(code=self.confirm_type)
         return True
 
+    def get_ttl(self):
+        if self.confirm_type == ConfirmType.MFA:
+            ttl = settings.SECURITY_MFA_VERIFY_TTL
+        else:
+            ttl = self.ttl
+        return ttl
+
     @classmethod
     def require(cls, confirm_type=ConfirmType.ReLogin, ttl=60 * 5):
         min_level = ConfirmType.values.index(confirm_type) + 1
-        ttl = settings.SECURITY_MFA_VERIFY_TTL if confirm_type == ConfirmType.MFA else ttl
         name = 'UserConfirmationLevel{}TTL{}'.format(min_level, ttl)
         return type(name, (cls,), {'min_level': min_level, 'ttl': ttl, 'confirm_type': confirm_type})