diff --git a/auth_admin_passkey/README.rst b/auth_admin_passkey/README.rst
index c281d491b1..9470c96983 100644
--- a/auth_admin_passkey/README.rst
+++ b/auth_admin_passkey/README.rst
@@ -51,6 +51,8 @@ following keys in your ``odoo.cfg`` configuration file.
 * ``auth_admin_passkey_password``. The password that allows user to logging in
   with any login. If not set, the feature is disabled.
 
+* ``auth_admin_passkey_ignore_totp`` (default False), if enabled, then 2FA will be ignored.
+
 * ``auth_admin_passkey_password_sha512_encrypted`` (default False), if enabled,
   auth_admin_passkey_password should be the password encrypted with sha512.
   On linux, this can be done using this command:
diff --git a/auth_admin_passkey/models/res_users.py b/auth_admin_passkey/models/res_users.py
index 456ea87b1b..d883e3dce8 100644
--- a/auth_admin_passkey/models/res_users.py
+++ b/auth_admin_passkey/models/res_users.py
@@ -8,6 +8,7 @@
 
 from odoo import SUPERUSER_ID, _, api, exceptions, models
 from odoo.tools import config
+from odoo.http import request
 
 logger = logging.getLogger(__name__)
 
@@ -74,6 +75,12 @@ def _check_credentials(self, password, env):
                 password = hashlib.sha512(password.encode()).hexdigest()
 
             if password and file_password == password:
+                request.session['ignore_totp'] = config.get("auth_admin_passkey_ignore_totp", False)
                 self._send_email_passkey(users[0])
             else:
                 raise
+
+    def _mfa_url(self):
+        if request.session.get('ignore_totp'):
+            return None
+        return super()._mfa_url()