diff --git a/.haml-lint_todo.yml b/.haml-lint_todo.yml
index c6bb38eb4..8a4dbaeff 100644
--- a/.haml-lint_todo.yml
+++ b/.haml-lint_todo.yml
@@ -1,6 +1,6 @@
 # This configuration was generated by
 # `haml-lint --auto-gen-config`
-# on 2023-10-11 10:49:10 -0400 using Haml-Lint version 0.51.0.
+# on 2023-10-11 11:31:24 -0400 using Haml-Lint version 0.51.0.
 # The point is for the user to remove these configuration records
 # one by one as the lints are removed from the code base.
 # Note that changes in the inspected code, or installation of new
@@ -26,11 +26,6 @@ linters:
       - 'app/views/admin/reports/show.html.haml'
       - 'app/views/disputes/strikes/show.html.haml'
 
-  # Offense count: 1
-  InstanceVariables:
-    exclude:
-      - 'app/views/auth/sessions/two_factor/_otp_authentication_form.html.haml'
-
   # Offense count: 2
   IdNames:
     exclude:
diff --git a/app/controllers/concerns/two_factor_authentication_concern.rb b/app/controllers/concerns/two_factor_authentication_concern.rb
index 9eb45b90d..bc2d194c3 100644
--- a/app/controllers/concerns/two_factor_authentication_concern.rb
+++ b/app/controllers/concerns/two_factor_authentication_concern.rb
@@ -5,6 +5,7 @@ module TwoFactorAuthenticationConcern
 
   included do
     prepend_before_action :authenticate_with_two_factor, if: :two_factor_enabled?, only: [:create]
+    helper_method :webauthn_enabled?
   end
 
   def two_factor_enabled?
@@ -87,4 +88,10 @@ module TwoFactorAuthenticationConcern
 
     set_locale { render :two_factor }
   end
+
+  protected
+
+  def webauthn_enabled?
+    @webauthn_enabled
+  end
 end
diff --git a/app/views/auth/sessions/two_factor.html.haml b/app/views/auth/sessions/two_factor.html.haml
index 20232d8dc..653f15580 100644
--- a/app/views/auth/sessions/two_factor.html.haml
+++ b/app/views/auth/sessions/two_factor.html.haml
@@ -3,7 +3,7 @@
 
 = javascript_pack_tag 'two_factor_authentication', crossorigin: 'anonymous'
 
-- if @webauthn_enabled
+- if webauthn_enabled?
   = render partial: 'auth/sessions/two_factor/webauthn_form', locals: { hidden: @scheme_type != 'webauthn' }
 
 = render partial: 'auth/sessions/two_factor/otp_authentication_form', locals: { hidden: @scheme_type != 'totp' }
diff --git a/app/views/auth/sessions/two_factor/_otp_authentication_form.html.haml b/app/views/auth/sessions/two_factor/_otp_authentication_form.html.haml
index 094b502b1..8cc2c8561 100644
--- a/app/views/auth/sessions/two_factor/_otp_authentication_form.html.haml
+++ b/app/views/auth/sessions/two_factor/_otp_authentication_form.html.haml
@@ -13,6 +13,6 @@
   - if Setting.site_contact_email.present?
     %p.hint.subtle-hint= t('users.otp_lost_help_html', email: mail_to(Setting.site_contact_email, nil))
 
-  - if @webauthn_enabled
+  - if webauthn_enabled?
     .form-footer
       = link_to(t('auth.link_to_webauth'), '#', id: 'link-to-webauthn')