-<%= if get_flash(@conn, :info) do %>
-<p class="alert alert-info" role="alert"><%= get_flash(@conn, :info) %></p>
-<% end %>
-<%= if get_flash(@conn, :error) do %>
-<p class="alert alert-danger" role="alert"><%= get_flash(@conn, :error) %></p>
-<% end %>
+<div>
+ <%= if get_flash(@conn, :info) do %>
+ <p class="alert alert-info" role="alert"><%= get_flash(@conn, :info) %></p>
+ <% end %>
+ <%= if get_flash(@conn, :error) do %>
+ <p class="alert alert-danger" role="alert"><%= get_flash(@conn, :error) %></p>
+ <% end %>
+ <div class="panel-heading">
+ <%= Gettext.dpgettext("static_pages", "mfa auth page title", "Two-factor authentication") %>
+ </div>
+ <div class="panel-content">
+ <%= form_for @conn, Routes.mfa_verify_path(@conn, :verify), [as: "mfa"], fn f -> %>
+ <div class="input">
+ <%= label f, :code, Gettext.dpgettext("static_pages", "mfa auth code prompt", "Authentication code") %>
+ <%= text_input f, :code, [autocomplete: "one-time-code", autocorrect: "off", autocapitalize: "off", autofocus: true, pattern: "[0-9]*", spellcheck: false] %>
+ <%= hidden_input f, :mfa_token, value: @mfa_token %>
+ <%= hidden_input f, :state, value: @state %>
+ <%= hidden_input f, :redirect_uri, value: @redirect_uri %>
+ <%= hidden_input f, :challenge_type, value: "totp" %>
+ </div>