diff --git a/cmd/openvpn-onelogin-auth/main.go b/cmd/openvpn-onelogin-auth/main.go
index 31f2a18..6c20cd3 100644
--- a/cmd/openvpn-onelogin-auth/main.go
+++ b/cmd/openvpn-onelogin-auth/main.go
@@ -31,12 +31,15 @@ func readConfig() onelogin.Config {
 return config
 }
-func getPasswordAndToken() (string, string, error) {
+func getPasswordAndToken(isMFAEnabled bool) (string, string, error) {
 password := os.Getenv("password")
- if len(password) < 7 {
- return "", "", fmt.Errorf("No OTP Supplied")
+ if isMFAEnabled {
+ if len(password) < 7 {
+ return "", "", fmt.Errorf("No OTP Supplied")
+ }
+ return password[0 : len(password)-6], password[len(password)-6:], nil
 }
- return password[0 : len(password)-6], password[len(password)-6:], nil
+ return password, "", nil
 }
 func main() {
@@ -47,7 +50,7 @@ func main() {
 o := onelogin.New(readConfig())
- password, passwordToken, err := getPasswordAndToken()
+ password, passwordToken, err := getPasswordAndToken(o.IsMFAEnabled())
 if err != nil {
 logger.Infof("Authentication failed: no password/otp supplied")
 os.Exit(1)
diff --git a/pkg/onelogin/authenticate.go b/pkg/onelogin/authenticate.go
index 5e3c8a7..8f3ff90 100644
--- a/pkg/onelogin/authenticate.go
+++ b/pkg/onelogin/authenticate.go
@@ -175,3 +175,10 @@ func (o *onelogin) VerifyFactor(token string, params VerifyFactorParams) (Sessio
 return sessionResponse, nil
 }
+
+func (o *onelogin) IsMFAEnabled() bool {
+ if o.config.MFA == true {
+ return true
+ }
+ return false
+}
diff --git a/pkg/onelogin/onelogin.go b/pkg/onelogin/onelogin.go
index 70410c7..d1b952e 100644
--- a/pkg/onelogin/onelogin.go
+++ b/pkg/onelogin/onelogin.go
@@ -5,6 +5,7 @@ type Config struct {
 URL string `toml:"ONELOGIN_URL"`
 ClientID string `toml:"ONELOGIN_CLIENT_ID"`
 ClientSecret string `toml:"ONELOGIN_CLIENT_SECRET"`
+ MFA bool `toml:"ONELOGIN_MFA"`
 }
 type onelogin struct {
 config Config
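Review bot: In getPasswordAndToken (cmd/openvpn-onelogin-auth/main.go), the new non-MFA branch `return password, "", nil` accepts an empty or unset `password` environment variable, because the length check now runs only when isMFAEnabled is true. Before this change the `len(password) < 7` guard rejected that case for every caller. I would add `if password == "" { return "", "", fmt.Errorf("no password supplied") }` ahead of the `if isMFAEnabled` branch so both modes fail locally instead of forwarding an empty credential to OneLogin. The MFA branch also still takes the last six bytes as the OTP without checking that they are digits; a short comment stating the expected password-followed-by-six-digit-OTP format would help the next reader.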
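Review bot: The call site in main does not show what happens when OneLogin demands a second factor but passwordToken is empty, which is now the case whenever `ONELOGIN_MFA` is off. The rest of main lies outside this hunk and is not touched by the commit, so please confirm that such a response is treated as a failed login rather than skipping verification or calling VerifyFactor with an empty OTP. The failure log on the following context lines also discards `err`; `logger.Infof("Authentication failed: %v", err)` would keep the reason for anyone triaging rejected logins.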
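Review bot: IsMFAEnabled in pkg/onelogin/authenticate.go spells out a boolean in five lines; the `if o.config.MFA == true` / `return true` / `return false` sequence reduces to `return o.config.MFA`. The method is exported and has no doc comment; something like `// IsMFAEnabled reports whether the configuration asks for an OTP to be appended to the password.` would make clear that it reflects local config, not the OneLogin account's MFA policy.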
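Review bot: The new `MFA bool` field in Config (pkg/onelogin/onelogin.go) defaults to false, so a config file that predates this commit and has no `ONELOGIN_MFA` key would, assuming the TOML decoder leaves absent keys at their zero value, move from always requiring an OTP suffix to never extracting one after an upgrade. For an authentication setting the absent-key default should be the stricter behaviour: either invert the field, for example a `DisableMFA bool` with its own TOML key, or use `MFA *bool` and treat nil as enabled. A one-line comment on the field stating the default and its effect on the expected password format would also help operators. The `onelogin` struct that follows continues outside the hunk.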