diff --git a/src/routes/login.ts b/src/routes/login.ts
index 7b0ace3aa..dc24e2d1d 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -77,11 +77,6 @@ function login(req: Request, res: Response) {
     const submittedPassword = req.body.password;
     const submittedTotpToken = req.body.totpToken;
 
-    if (!verifyPassword(submittedPassword)) {
-        sendLoginError(req, res, 'password');
-        return;
-    }
-
     if (totp.isTotpEnabled()) {
         if (!verifyTOTP(submittedTotpToken)) {
             sendLoginError(req, res, 'totp');
@@ -89,6 +84,11 @@ function login(req: Request, res: Response) {
         }
     }
 
+    if (!verifyPassword(submittedPassword)) {
+        sendLoginError(req, res, 'password');
+        return;
+    }
+
     const rememberMe = req.body.rememberMe;
 
     req.session.regenerate(() => {