diff --git a/EnvelopeGenerator.Application/Extensions/DTOExtensions.cs b/EnvelopeGenerator.Application/Extensions/DTOExtensions.cs
deleted file mode 100644
index f1cd28ca..00000000
--- a/EnvelopeGenerator.Application/Extensions/DTOExtensions.cs
+++ /dev/null
@@ -1,22 +0,0 @@
-using EnvelopeGenerator.Application.DTOs.Receiver;
-using EnvelopeGenerator.Extensions;
-using Newtonsoft.Json;
-
-namespace EnvelopeGenerator.Application.Extensions
-{
- public static class DTOExtensions
- {
- public static bool IsTotpSecretExpired(this ReceiverReadDto dto, int minutesBeforeExpiration = 30)
- => dto.TotpExpiration < DateTime.Now.AddMinutes(minutesBeforeExpiration * -1);
-
- public static bool IsTotpSecretInvalid(this ReceiverReadDto dto, int minutesBeforeExpiration = 30)
- => dto.IsTotpSecretExpired(minutesBeforeExpiration) || dto.TotpSecretkey is null;
-
- public static bool IsTotpSecretValid(this ReceiverReadDto dto, int minutesBeforeExpiration = 30)
- => !dto.IsTotpSecretInvalid(minutesBeforeExpiration);
-
- public static bool IsTotpValid(this ReceiverReadDto dto, string totp) => dto.TotpSecretkey is null ? throw new ArgumentNullException(nameof(dto), $"TotpSecretkey of DTO cannot validate without TotpSecretkey. Dto: {JsonConvert.SerializeObject(dto)}") : totp.IsValidTotp(dto.TotpSecretkey);
-
- public static bool IsTotpInvalid(this ReceiverReadDto dto, string totp) => !dto.IsTotpValid(totp: totp);
- }
-}
\ No newline at end of file
diff --git a/EnvelopeGenerator.Web/Controllers/HomeController.cs b/EnvelopeGenerator.Web/Controllers/HomeController.cs
index edc2091c..9cc2ff8c 100644
--- a/EnvelopeGenerator.Web/Controllers/HomeController.cs
+++ b/EnvelopeGenerator.Web/Controllers/HomeController.cs
@@ -197,12 +197,11 @@ public class HomeController : ViewControllerBase
 if (er_secret.Envelope!.TFAEnabled)
 {
 var rcv = er_secret.Receiver;
- if (rcv.IsTotpSecretInvalid())
+ if (rcv.TotpSecretkey is null)
 {
 rcv.TotpSecretkey = _authenticator.GenerateTotpSecretKey();
 rcv.TotpExpiration = DateTime.Now.AddMonths(1);
 await _rcvService.UpdateAsync(rcv);
- await _mailService.SendTFAQrCodeAsync(er_secret);
 }
 return await TFAViewAsync(auth.UserSelectSMS, er_secret, envelopeReceiverId);
 }
@@ -229,7 +228,7 @@ public class HomeController : ViewControllerBase
 [NonAction]
 private async Task HandleAuthenticatorAsync(Auth auth, EnvelopeReceiverSecretDto er_secret, string envelopeReceiverId)
 {
- if (er_secret.Receiver!.IsTotpInvalid(totp: auth.AuthenticatorCode!))
+ if (er_secret.Receiver!.TotpSecretkey is null)
 {
 Response.StatusCode = StatusCodes.Status401Unauthorized;
 ViewData["ErrorMessage"] = _localizer[WebKey.WrongAccessCode].Value;
diff --git a/EnvelopeGenerator.Web/Controllers/TFARegController.cs b/EnvelopeGenerator.Web/Controllers/TFARegController.cs
index ac22c14a..17968fd4 100644
--- a/EnvelopeGenerator.Web/Controllers/TFARegController.cs
+++ b/EnvelopeGenerator.Web/Controllers/TFARegController.cs
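Review bot: With the guard in the first HomeController hunk reduced to `rcv.TotpSecretkey is null`, the `TotpExpiration` this block still writes (`DateTime.Now.AddMonths(1)`) is no longer read anywhere in the visible lines, so a secret past its expiry is never regenerated on this path. If the expiry is meant to stay in force, keep it in the condition, e.g. `if (rcv.TotpSecretkey is null || rcv.TotpExpiration < DateTime.Now)`; if it is intentionally retired, stop setting the field and say so in a comment. Removing `SendTFAQrCodeAsync` also means a secret generated here is not delivered from this block; presumably enrolment now happens only through `TFARegController.Reg`, which deserves a one-line comment at this spot. The enclosing method starts and ends outside the hunk.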
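Review bot: The rejection branch in `HandleAuthenticatorAsync` now depends only on `er_secret.Receiver!.TotpSecretkey is null`, so `auth.AuthenticatorCode` is no longer compared with anything in the visible lines. Unless the code is verified further down (the method body continues outside the hunk), any submitted value passes the second factor once a secret exists. The removed `IsTotpInvalid` extension was the only visible caller of `IsValidTotp`, and this commit deletes it together with `DTOExtensions.cs`. The guard should keep both conditions, for example `if (rcv.TotpSecretkey is null || !auth.AuthenticatorCode!.IsValidTotp(rcv.TotpSecretkey))` with `rcv` bound to `er_secret.Receiver!`. A missing code is better handled as a failed attempt than dereferenced with `!`.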
@@ -31,48 +31,56 @@ public class TFARegController : ViewControllerBase [HttpGet("{envelopeReceiverId}")] public async Task Reg(string envelopeReceiverId) { - envelopeReceiverId = _sanitizer.Sanitize(envelopeReceiverId); - (string? uuid, string? signature) = envelopeReceiverId.DecodeEnvelopeReceiverId(); - - if (uuid is null || signature is null) + try { - _logger.LogEnvelopeError(uuid: uuid, signature: signature, message: _localizer[WebKey.WrongEnvelopeReceiverId]); - return Unauthorized(); - } + envelopeReceiverId = _sanitizer.Sanitize(envelopeReceiverId); + (string? uuid, string? signature) = envelopeReceiverId.DecodeEnvelopeReceiverId(); - var er_secret_res = await _envRcvService.ReadWithSecretByUuidSignatureAsync(uuid: uuid, signature: signature); + if (uuid is null || signature is null) + { + _logger.LogEnvelopeError(uuid: uuid, signature: signature, message: _localizer[WebKey.WrongEnvelopeReceiverId]); + return Unauthorized(); + } - if (er_secret_res.IsFailed) - { - _logger.LogNotice(er_secret_res.Notices); - return this.ViewEnvelopeNotFound(); - } - var er_secret = er_secret_res.Data; + var er_secret_res = await _envRcvService.ReadWithSecretByUuidSignatureAsync(uuid: uuid, signature: signature); - if (!er_secret.Envelope!.TFAEnabled) - return Unauthorized(); + if (er_secret_res.IsFailed) + { + _logger.LogNotice(er_secret_res.Notices); + return this.ViewEnvelopeNotFound(); + } + var er_secret = er_secret_res.Data; - var rcv = er_secret.Receiver; + if (!er_secret.Envelope!.TFAEnabled) + return Unauthorized(); - // Generate QR code as base 64 - rcv!.TotpSecretkey = _authenticator.GenerateTotpSecretKey(); - rcv.TotpExpiration = DateTime.Now.AddMonths(1); - await _rcvService.UpdateAsync(rcv); - var totp_qr_64 = _authenticator.GenerateTotpQrCode(userEmail: rcv.EmailAddress, secretKey: rcv.TotpSecretkey).ToBase64String(); + var rcv = er_secret.Receiver; - // Calculate RFA registiration deadline - if(rcv.TfaRegDeadline is null) - { - rcv.TfaRegDeadline = 
_params.Deadline; + // Generate QR code as base 64 + rcv!.TotpSecretkey = _authenticator.GenerateTotpSecretKey(); + rcv.TotpExpiration = DateTime.Now.AddMonths(1); await _rcvService.UpdateAsync(rcv); + var totp_qr_64 = _authenticator.GenerateTotpQrCode(userEmail: rcv.EmailAddress, secretKey: rcv.TotpSecretkey).ToBase64String(); + + // Calculate RFA registiration deadline + if (rcv.TfaRegDeadline is null) + { + rcv.TfaRegDeadline = _params.Deadline; + await _rcvService.UpdateAsync(rcv); + } + else if (rcv.TfaRegDeadline <= DateTime.Now) + return View("_Expired"); + + ViewData["RegDeadline"] = rcv.TfaRegDeadline; + + ViewData["TotpQR64"] = totp_qr_64; + + return View(); + } + catch(Exception ex) + { + _logger.LogEnvelopeError(envelopeReceiverId: envelopeReceiverId, exception: ex, message: _localizer[WebKey.UnexpectedError]); + return this.ViewInnerServiceError(); } - else if(rcv.TfaRegDeadline <= DateTime.Now) - return View("_Expired"); - - ViewData["RegDeadline"] = rcv.TfaRegDeadline; - - ViewData["TotpQR64"] = totp_qr_64; - - return View(); } } \ No newline at end of file diff --git a/EnvelopeGenerator.Web/Views/Home/EnvelopeLocked.cshtml b/EnvelopeGenerator.Web/Views/Home/EnvelopeLocked.cshtml index ef7772aa..2e5f6148 100644 --- a/EnvelopeGenerator.Web/Views/Home/EnvelopeLocked.cshtml +++ b/EnvelopeGenerator.Web/Views/Home/EnvelopeLocked.cshtml @@ -32,7 +32,7 @@
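Review bot: In `Reg`, the `TfaRegDeadline <= DateTime.Now` check that returns `View("_Expired")` sits after `GenerateTotpSecretKey()` and `_rcvService.UpdateAsync(rcv)`, so a request made after the deadline still replaces the stored secret before the expired view is shown. Checking the deadline first, as in the excerpt below, avoids that write and folds the two `UpdateAsync` calls into one. Because the action is an `[HttpGet]`, every load of the link still rotates the secret, which would invalidate an authenticator that was already enrolled; whether that is intended should be decided explicitly and documented in a comment on the action. The new `catch (Exception ex)` passes `envelopeReceiverId` to `LogEnvelopeError`; since that value appears to grant access to the envelope, confirm it is not logged in a reusable form.

```csharp
var rcv = er_secret.Receiver;

// Refuse expired registrations before the stored secret is touched.
if (rcv!.TfaRegDeadline is not null && rcv.TfaRegDeadline <= DateTime.Now)
    return View("_Expired");

rcv.TfaRegDeadline ??= _params.Deadline;
rcv.TotpSecretkey = _authenticator.GenerateTotpSecretKey();
rcv.TotpExpiration = DateTime.Now.AddMonths(1);
await _rcvService.UpdateAsync(rcv);
// … unchanged: QR code generation, ViewData["RegDeadline"], ViewData["TotpQR64"], return View() …
```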

@_localizer[WebKey.Formats.LockedTitle.Format(codeKeyName)]

- @if (tfaRegDeadline is not null && tfaRegDeadline > DateTime.Now) + @if (viaAuthenticator && (tfaRegDeadline is null || tfaRegDeadline > DateTime.Now)) {