diff --git a/src/components/auth/TOTPSetup.tsx b/src/components/auth/TOTPSetup.tsx
index 567c3654..1ceb16c2 100644
--- a/src/components/auth/TOTPSetup.tsx
+++ b/src/components/auth/TOTPSetup.tsx
@@ -94,13 +94,21 @@ export function TOTPSetup() {
 setLoading(true);
 try {
- const { error } = await supabase.auth.mfa.verify({
+ // Step 1: Create a challenge first
+ const { data: challengeData, error: challengeError } = await supabase.auth.mfa.challenge({
+ factorId
+ });
+
+ if (challengeError) throw challengeError;
+
+ // Step 2: Verify using the challengeId from the challenge response
+ const { error: verifyError } = await supabase.auth.mfa.verify({
 factorId,
- challengeId: factorId, // For enrollment, challengeId is the same as factorId
+ challengeId: challengeData.id,
 code: verificationCode.trim()
 });
- if (error) throw error;
+ if (verifyError) throw verifyError;
 toast({
 title: 'TOTP Enabled',
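Review bot: The new flow calls `supabase.auth.mfa.challenge` on every submit before the entered code is inspected, so an empty or malformed `verificationCode` still creates a server-side challenge and spends a verify attempt. Unless a check already exists above the hunk (the handler starts before `setLoading(true)` and is not visible here), reject input that is not the expected digit count first, for example `if (!/^\d{6}$/.test(verificationCode.trim())) return;` for a standard six-digit TOTP, placed ahead of `setLoading(true)`. supabase-js also provides `supabase.auth.mfa.challengeAndVerify({ factorId, code })`, which would replace both calls and remove the read of `challengeData.id`. The `try` block continues past the end of the hunk, so the catch path that handles `challengeError` and `verifyError` could not be reviewed.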