diff --git a/CHANGELOG.md b/CHANGELOG.md
index 05f0be51..6c4d783d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,7 @@
 1. [](#bugfix)
 * Fixed missing `admin-preset.css` in multisite environments
+ * Regression: Fixed broken 2FA form [#2109](https://github.com/getgrav/grav-plugin-admin/issues/2109)
 # v1.10.9
 ## 04/06/2021
diff --git a/admin.php b/admin.php
index 78260d25..e58f3a23 100644
--- a/admin.php
+++ b/admin.php
@@ -34,7 +34,6 @@ use Grav\Plugin\Admin\Themes;
 use Grav\Plugin\Admin\AdminController;
 use Grav\Plugin\Admin\Twig\AdminTwigExtension;
 use Grav\Plugin\Admin\WhiteLabel;
-use Grav\Plugin\FlexObjects\FlexFormFactory;
 use Grav\Plugin\Form\Form;
 use Grav\Plugin\Form\Forms;
 use Grav\Plugin\Login\Login;
@@ -684,10 +683,10 @@ class AdminPlugin extends Plugin
 $twig->twig_vars['forms'] = $forms;
 // preserve form validation
- if (!isset($twig->twig_vars['form'])) {
- if ($this->admin->form) {
- $twig->twig_vars['form'] = $this->admin->form;
- } elseif (isset($header->form)) {
+ if ($this->admin->form) {
+ $twig->twig_vars['form'] = $this->admin->form;
+ } elseif (!isset($twig->twig_vars['form'])) {
+ if (isset($header->form)) {
 $twig->twig_vars['form'] = new Form($page);
 } elseif (isset($header->forms)) {
 $twig->twig_vars['form'] = new Form($page, null, reset($header->forms));
diff --git a/classes/plugin/Controllers/Login/LoginController.php b/classes/plugin/Controllers/Login/LoginController.php
index c625f324..240a9337 100644
--- a/classes/plugin/Controllers/Login/LoginController.php
+++ b/classes/plugin/Controllers/Login/LoginController.php
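Review bot: The comment `// preserve form validation` above the rewritten condition in admin.php no longer describes the order of the checks. `$this->admin->form` now replaces any `form` value already present in `twig_vars`, and the header-based `new Form(...)` fallbacks run only when neither is set. A comment such as `// The controller's form (with its validation state) always wins; otherwise keep an existing 'form' or build one from the page header` would make that precedence explicit for anyone touching the login and 2FA templates later. The enclosing method starts and ends outside the hunk.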
@@ -250,21 +250,26 @@ class LoginController extends AdminController
 return $this->createRedirectResponse('/');
 }
+ $login = $this->getLogin();
+
 $this->page = $this->createPage('login');
- $this->form = $this->getForm('admin-login-twofa');
+ $this->form = $this->getForm('login-twofa');
 try {
 $this->checkNonce();
 } catch (PageExpiredException $e) {
 $this->setMessage($this->translate('PLUGIN_ADMIN.INVALID_SECURITY_TOKEN'), 'error');
- return $this->createDisplayResponse();
+ // Failed 2FA nonce check, logout and redirect.
+ $login->logout(['admin' => true]);
+ $this->form->reset();
+
+ return $this->createRedirectResponse('/');
 }
 $post = $this->getPost();
 $data = $post['data'] ?? [];
- $login = $this->getLogin();
 try {
 $twoFa = $login->twoFactorAuth();
 } catch (TwoFactorAuthException $e) {
diff --git a/themes/grav/templates/partials/login-form.html.twig b/themes/grav/templates/partials/login-form.html.twig
index 8010767a..99234030 100755
--- a/themes/grav/templates/partials/login-form.html.twig
+++ b/themes/grav/templates/partials/login-form.html.twig
@@ -10,8 +10,6 @@
 {% endblock %}
 {% block form %}
- {% set form = forms['login'] %}
-
 {% for field_name,field in form.fields %}
 {% if field.type %}
 {% set field = field|merge({ name: field.name ?? field_name }) %}
diff --git a/themes/grav/templates/partials/login-twofa.html.twig b/themes/grav/templates/partials/login-twofa.html.twig
index ada829f6..7cb7892f 100644
--- a/themes/grav/templates/partials/login-twofa.html.twig
+++ b/themes/grav/templates/partials/login-twofa.html.twig
@@ -5,8 +5,6 @@
 {% block form %}
- {% set form = forms['login-twofa'] %}
-
 {% for field_name, field in form.fields %}
 {% if field.type %}
 {% set field = field|merge({ name: field.name ?? field_name }) %}
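Review bot: In the `PageExpiredException` branch of LoginController.php the error is queued with `setMessage()` before `$login->logout(['admin' => true])`; if logout clears or regenerates the session that carries flash messages (not visible in this hunk), the user lands on `/` with no explanation. Consider moving the `setMessage()` call after the logout, or confirm that queued messages survive it. The same branch calls `$this->form->reset()` without checking that `getForm('login-twofa')` returned a form, so a null there would turn a rejected nonce into a fatal error; a guard or a short comment stating that null is impossible would settle it. Failing closed at the 2FA step is the right direction, and a log entry for the rejected token would help when reviewing failed login attempts. The method starts and ends outside the hunk.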