diff --git a/mfa/templates/MFA.html b/mfa/templates/MFA.html
index 7a4d396..8ef7a94 100644
--- a/mfa/templates/MFA.html
+++ b/mfa/templates/MFA.html
@@ -103,6 +103,7 @@
                         {% endif %}
             </tr>
             {% endfor %}
+            {% if "RECOVERY" not in UNALLOWED_AUTHEN_METHODS %}
             <tr>
 
                 <td>RECOVERY</td>
@@ -113,6 +114,7 @@
                 <td>On</td>
                 <td><a href="{% url 'manage_recovery_codes' %}"> <span class="fa fa-wrench fa-solid fa-wrench bi bi-wrench-fill"></span></a></td>
             </tr>
+            {% endif %}
         {% else %}
            <tr><td colspan="7" align="center">You didn't have any keys yet.</td> </tr>
        {% endif %}
diff --git a/mfa/totp.py b/mfa/totp.py
index 32adf2e..42a5de6 100644
--- a/mfa/totp.py
+++ b/mfa/totp.py
@@ -55,7 +55,7 @@ def auth(request):
                 return login(request)
         elif tokenLength == 10 and "RECOVERY" not in settings.MFA_UNALLOWED_METHODS:
             #Backup code check
-            resBackup=recovery.verify_login(request.session["base_username"], token=request.POST["otp"])
+            resBackup=recovery.verify_login(request, request.session["base_username"], token=request.POST["otp"])
             if resBackup[0]:
                 mfa = {"verified": True, "method": "RECOVERY","id":resBackup[1]}
                 if getattr(settings, "MFA_RECHECK", False):