diff --git a/routers/user/setting/security_twofa.go b/routers/user/setting/security_twofa.go
index 55101ed1a4..cb61b9e270 100644
--- a/routers/user/setting/security_twofa.go
+++ b/routers/user/setting/security_twofa.go
@@ -76,6 +76,7 @@ func twofaGenerateSecretAndQr(ctx *context.Context) bool {
 	if otpKey == nil {
 		err = nil // clear the error, in case the URL was invalid
 		otpKey, err = totp.Generate(totp.GenerateOpts{
+			SecretSize:  40,
 			Issuer:      setting.AppName + " (" + strings.TrimRight(setting.AppURL, "/") + ")",
 			AccountName: ctx.User.Name,
 		})