diff --git a/CHANGELOG.md b/CHANGELOG.md
index c4e391c81..fa2dbd7ee 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,10 @@ This file is a running track of new features and fixes to each version of the pa
 
 This project follows [Semantic Versioning](http://semver.org) guidelines.
 
+## v0.7.1 (Derelict Dermodactylus)
+### Fixed
+* Fixes an exception when no token is entered on the 2-Factor enable/disable page and the form is submitted.
+
 ## v0.7.0 (Derelict Dermodactylus)
 ### Fixed
 * `[rc.2]` — Fixes bad API behavior on `/user` routes.
diff --git a/app/Http/Controllers/Base/SecurityController.php b/app/Http/Controllers/Base/SecurityController.php
index 61c45d743..583d83611 100644
--- a/app/Http/Controllers/Base/SecurityController.php
+++ b/app/Http/Controllers/Base/SecurityController.php
@@ -107,7 +107,7 @@ class SecurityController extends Controller
     public function setTotp(Request $request)
     {
         try {
-            $this->toggleTwoFactorService->handle($request->user(), $request->input('token'));
+            $this->toggleTwoFactorService->handle($request->user(), $request->input('token') ?? '');
 
             return response('true');
         } catch (TwoFactorAuthenticationTokenInvalid $exception) {
@@ -127,7 +127,7 @@ class SecurityController extends Controller
     public function disableTotp(Request $request)
     {
         try {
-            $this->toggleTwoFactorService->handle($request->user(), $request->input('token'), false);
+            $this->toggleTwoFactorService->handle($request->user(), $request->input('token') ?? '', false);
         } catch (TwoFactorAuthenticationTokenInvalid $exception) {
             $this->alert->danger(trans('base.security.2fa_disable_error'))->flash();
         }