diff --git a/pool/db.php b/pool/db.php
index 7d87beee..edccad1d 100644
--- a/pool/db.php
+++ b/pool/db.php
@@ -225,7 +225,7 @@ function userReg($user, $email, $pass)
  return repDecode($rep);
 }
 #
-function userSettings($user, $email = null, $addr = null, $pass = null)
+function userSettings($user, $email = null, $addr = null, $pass = null, $twofa = null)
 {
  $tmo = false;
  $flds = array('username' => $user);
@@ -247,7 +247,12 @@ function userSettings($user, $email = null, $addr = null, $pass = null)
 	$tmo = 3; # 3x the timeout
  }
  if ($pass != null)
+ {
 	$flds['passwordhash'] = myhash($pass);
+	if ($twofa === null)
+		$twofa = '';
+	$flds['2fa'] = $twofa;
+ }
  $msg = msgEncode('usersettings', 'userset', $flds, $user);
  $rep = sendsockreply('userSettings', $msg, $tmo);
  if (!$rep)
diff --git a/pool/page_addrmgt.php b/pool/page_addrmgt.php
index 0ef12d85..33b3e21f 100644
--- a/pool/page_addrmgt.php
+++ b/pool/page_addrmgt.php
@@ -72,13 +72,24 @@ function addrmgtuser($data, $user, $err)
 	else
 		$row = 'odd';
 	$pg .= "<tr class=$row>";
-	$pg .= '<td colspan=3 class=dc>';
+	$pg .= '<td class=dr>';
 	$pg .= 'Password: <input type=password name=pass size=20>';
-	$pg .= '&nbsp;<input type=submit name=OK value=Save></td></tr>';
+	$pg .= '</td><td colspan=2>&nbsp;</td></tr>';
+
+	if ((($offset++) % 2) == 0)
+		$row = 'even';
+	else
+		$row = 'odd';
+	$pg .= "<tr class=$row>";
+	$pg .= '<td class=dr>';
+	$pg .= '<span class=st1>*</span>2nd Authentication: <input type=password name=2fa size=20>';
+	$pg .= '</td><td colspan=2 class=dl><input type=submit name=OK value=Save></td></tr>';
+
+	$pg .= "<tr><td colspan=3 class=dc><font size=-1>";
+	$pg .= 'You must enter your password to save changes<br>';
+	$pg .= "<span class=st1>*</span>Leave blank if you haven't enabled it<br>";
+	$pg .= 'A ratio of 0, will remove the address from the payouts</font></td></tr>';
  }
- $pg .= '<tr><td colspan=3 class=dc><font size=-1><span class=st1>*</span>';
- $pg .= ' You must enter your password to save changes<br>';
- $pg .= 'A ratio of 0, will remove the address from the payouts</font></td></tr>';
  $pg .= "</table><input type=hidden name=rows value=$count id=rows></form>\n";
 
  $pg .= "<script type='text/javascript'>\n";
@@ -107,6 +118,7 @@ function doaddrmgt($data, $user)
  $OK = getparam('OK', false);
  $count = getparam('rows', false);
  $pass = getparam('pass', false);
+ $twofa = getparam('2fa', false);
  if ($OK == 'Save' && !nuem($count) && !nuem($pass))
  {
 	if ($count > 0 && $count < 1000)
@@ -119,7 +131,7 @@ function doaddrmgt($data, $user)
 			if (!nuem($addr) && !nuem($ratio))
 				$addrarr[] = array('addr' => $addr, 'ratio' => $ratio);
 		}
-		$ans = userSettings($user, null, $addrarr, $pass);
+		$ans = userSettings($user, null, $addrarr, $pass, $twofa);
 		if ($ans['STATUS'] != 'ok')
 			$err = $ans['ERROR'];
 	}
diff --git a/pool/page_settings.php b/pool/page_settings.php
index 91818c18..8a3e72be 100644
--- a/pool/page_settings.php
+++ b/pool/page_settings.php
@@ -29,6 +29,14 @@ function settings($data, $user, $email, $addr, $err)
  $pg .= '</td><td class=dl>';
  $pg .= '<input type=password name=pass size=20>';
  $pg .= '</td></tr>';
+ $pg .= '<tr class=dc><td class=dr nowrap>';
+ $pg .= '<span class=st1>*</span>2nd Authentication:';
+ $pg .= '</td><td class=dl>';
+ $pg .= '<input type=password name=2fa size=20>';
+ $pg .= '</td></tr>';
+ $pg .= '<tr class=dc><td colspan=2 class=dc><font size=-1>';
+ $pg .= "<span class=st1>*</span>Leave blank if you haven't enabled it</font>";
+ $pg .= '</td></tr>';
  $pg .= '<tr class=dc><td class=dr colspan=2>';
  $pg .= 'Change: <input type=submit name=Change value=EMail>';
  $pg .= '</td></tr>';
@@ -90,7 +98,7 @@ function settings($data, $user, $email, $addr, $err)
  $pg .= '</td></tr>';
  $pg .= '<tr class=dc><td colspan=2 class=dc><font size=-1>';
  $pg .= "<span class=st1>*</span>Leave blank if you haven't enabled it</font>";
- $pg .= '</td></tr>'
+ $pg .= '</td></tr>';
  $pg .= '<tr class=dc><td class=dr colspan=2>';
  $pg .= 'Change: <input type=submit name=Change value=Password>';
  $pg .= '</td></tr>';
@@ -112,7 +120,8 @@ function dosettings($data, $user)
   case 'EMail':
 	$email = getparam('email', false);
 	$pass = getparam('pass', false);
-	$ans = userSettings($user, $email, null, $pass);
+	$twofa = getparam('2fa', false);
+	$ans = userSettings($user, $email, null, $pass, $twofa);
 	$err = 'EMail changed';
 	$check = true;
 	break;
@@ -122,7 +131,8 @@ function dosettings($data, $user)
 		$addr = getparam('baddr', false);
 		$addrarr = array(array('addr' => $addr));
 		$pass = getparam('pass', false);
-		$ans = userSettings($user, null, $addrarr, $pass);
+		$twofa = getparam('2fa', false);
+		$ans = userSettings($user, null, $addrarr, $pass, $twofa);
 		$err = 'Payout address changed';
 		$check = true;
 	}