diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 2681320..cb8dcef 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -21,7 +21,7 @@ class SessionsController < ApplicationController
           flash[:alert] = "Your account has been disabled!"
         elsif user.banned?
           flash[:alert] = "You are banned!"
-        elsif user.totp_enabled && !TOTP.valid?(user.totp_code, params[:totp_code])
+        elsif user.totp_enabled && !TOTP.valid?(user.totp_secret, params[:totp_code].to_i)
           flash[:alert] = "You're doing it wrong!"
           render action: 'new'
           return