diff --git a/lib/devise_two_factor/strategies/two_factor_authenticatable.rb b/lib/devise_two_factor/strategies/two_factor_authenticatable.rb
index fe89230..dbed5d2 100644
--- a/lib/devise_two_factor/strategies/two_factor_authenticatable.rb
+++ b/lib/devise_two_factor/strategies/two_factor_authenticatable.rb
@@ -21,7 +21,7 @@ def authenticate!
 
       def validate_otp(resource)
         return true unless resource.otp_required_for_login
-        return if params[scope]['otp_attempt'].nil?
+        return if params[scope].nil? || params[scope]['otp_attempt'].nil?
         resource.validate_and_consume_otp!(params[scope]['otp_attempt'])
       end
     end