diff --git a/application/controllers/AuthenticationController.php b/application/controllers/AuthenticationController.php
index 1c57e0dd4..84cc5b37a 100644
--- a/application/controllers/AuthenticationController.php
+++ b/application/controllers/AuthenticationController.php
@@ -54,8 +54,10 @@ class AuthenticationController extends Controller
         }
 
         $user = $this->Auth()->getUser();
-        if ($user !== null && $user->getTwoFactorEnabled()
-            && Session::getSession()->get('2fa_must_challenge_token', false) === true) {
+        if ($user
+            && $user->getTwoFactorEnabled()
+            && Session::getSession()->get('2fa_must_challenge_token', false)
+        ) {
             $form = new Challenge2FAForm();
             $cancel2faForm = new Cancel2FAForm();
             $cancel2faForm->handleRequest();