diff --git a/webmin/change_twofactor.cgi b/webmin/change_twofactor.cgi
index 578b061a1..ffc0e6192 100755
--- a/webmin/change_twofactor.cgi
+++ b/webmin/change_twofactor.cgi
@@ -15,6 +15,16 @@ if ($in{'twofactor_provider'}) {
 	$err = defined(&$vfunc) && &$vfunc(\%in, \%miniserv);
 	&error($err) if ($err);
 	}
+else {
+	# Don't disable if any users have twofactor enabled
+	&foreign_require("acl");
+	@twos = grep { $_->{'twofactor_provider'} && $_->{'twofactor_id'} }
+		     &acl::list_users();
+	if (@twos) {
+		&error(&text('twofactor_eusers',
+			     join(" ", map { $_->{'name'} } @twos)));
+		}
+	}
 
 # Save settings
 &lock_file($ENV{'MINISERV_CONFIG'});
diff --git a/webmin/lang/en b/webmin/lang/en
index 75785dfe2..125111abc 100644
--- a/webmin/lang/en
+++ b/webmin/lang/en
@@ -1072,6 +1072,7 @@ twofactor_test=Use provider's test mode?
 twofactor_desc=Two-factor authentication allows Webmin users to enable use of an additional authentication device when logging in, such as a one-time passcode generator. Users must individually enroll with the selected authentication provider after it is enabled on this page.
 twofactor_err=Failed to save two-factor authentication
 twofactor_eprovider=Invalid provider!
+twofactor_eusers=Two-factor authentication cannot be disabled, as the following users are currently enrolled : $1
 twofactor_eapikey=Missing or invalid-looking API key
 twofactor_authy=Authy
 twofactor_totp=Google Authenticator