diff --git a/app/models/user.rb b/app/models/user.rb
index 6baf2468adec4a09dd3758f65f2b1d1048a31749..4bc4ab8de7f81cb2ae6b68ce70b282e7554ef632 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -362,11 +362,12 @@ class User < ActiveRecord::Base
 
   def disable_two_factor!
     update_attributes(
-      two_factor_enabled:        false,
-      encrypted_otp_secret:      nil,
-      encrypted_otp_secret_iv:   nil,
-      encrypted_otp_secret_salt: nil,
-      otp_backup_codes:          nil
+      two_factor_enabled:          false,
+      encrypted_otp_secret:        nil,
+      encrypted_otp_secret_iv:     nil,
+      encrypted_otp_secret_salt:   nil,
+      otp_grace_period_started_at: nil,
+      otp_backup_codes:            nil
     )
   end
 
diff --git a/spec/factories.rb b/spec/factories.rb
index 264e3ed2c8d945db93b51d550e632f8ce2bd42a8..cd57661c1cdeb62b51758118cf3c401f35a0d5c8 100644
--- a/spec/factories.rb
+++ b/spec/factories.rb
@@ -32,6 +32,7 @@ FactoryGirl.define do
       before(:create) do |user|
         user.two_factor_enabled = true
         user.otp_secret = User.generate_otp_secret(32)
+        user.otp_grace_period_started_at = Time.now
         user.generate_otp_backup_codes!
       end
     end
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 88821dd0dad5a07f59a24699aaa91513b804de48..7ad7aab2eecaf5f1c2f830953a3bedd29ba9b1bc 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -268,6 +268,7 @@ describe User, models: true do
       expect(user).to be_two_factor_enabled
       expect(user.encrypted_otp_secret).not_to be_nil
       expect(user.otp_backup_codes).not_to be_nil
+      expect(user.otp_grace_period_started_at).not_to be_nil
 
       user.disable_two_factor!
 
@@ -276,6 +277,7 @@ describe User, models: true do
       expect(user.encrypted_otp_secret_iv).to be_nil
       expect(user.encrypted_otp_secret_salt).to be_nil
       expect(user.otp_backup_codes).to be_nil
+      expect(user.otp_grace_period_started_at).to be_nil
     end
   end