diff --git a/api/actions/login.php b/api/actions/login.php
index c7ed41b..002588d 100644
--- a/api/actions/login.php
+++ b/api/actions/login.php
@@ -8,7 +8,17 @@ engageRateLimit();
 $user = User::byUsername($VARS['username']);
-if ((!$user->has2fa() && $user->checkPassword($VARS['password'])) || $user->checkAppPassword($VARS['password'])) {
+
+$ok = false;
+if (empty($VARS['apppass']) && ($user->checkPassword($VARS['password']) || $user->checkAppPassword($VARS['password']))) {
+ $ok = true;
+} else {
+ if ((!$user->has2fa() && $user->checkPassword($VARS['password'])) || $user->checkAppPassword($VARS['password'])) {
+ $ok = true;
+ }
+}
+
+if ($ok) {
 switch ($user->getStatus()->getString()) {
 case "LOCKED_OR_DISABLED":
 Log::insert(LogType::API_LOGIN_FAILED, $uid, "Username: " . strtolower($VARS['username']) . ", Key: " . getCensoredKey());
diff --git a/api/apisettings.php b/api/apisettings.php
index 8acb6f8..810c674 100644
--- a/api/apisettings.php
+++ b/api/apisettings.php
@@ -70,7 +70,8 @@ $APIS = [
 "load" => "login.php",
 "vars" => [
 "username" => "string",
- "password" => "string"
+ "password" => "string",
+ "apppass (optional)" => "/[0-1]/"
 ],
 "keytype" => "AUTH"
 ],
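Review bot: In api/actions/login.php the account password is now accepted for a user with 2FA enabled whenever `apppass` is missing or "0" (`empty()` is true for both), so every existing caller that does not send the new optional parameter silently loses the `!$user->has2fa()` restriction that the removed line enforced. Unless each such caller performs its own second-factor step after this action (not visible here), the safer default is to relax only on an explicit opt-out, e.g. `$strict = !isset($VARS['apppass']) || $VARS['apppass'] !== "0";` followed by `$ok = $user->checkAppPassword($VARS['password']) || ((!$strict || !$user->has2fa()) && $user->checkPassword($VARS['password']));`. The single expression also avoids running `checkPassword()` and `checkAppPassword()` a second time on a failed attempt, which the `else` branch currently does. The `if ($ok)` body continues outside the hunk.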
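Review bot: In api/apisettings.php the pattern `"/[0-1]/"` for `apppass` is unanchored, so if the request validator applies it with `preg_match()` (the validator is not visible in this diff) any value that merely contains a 0 or 1 passes, and login.php then treats every non-empty value other than "0" as the strict mode. Anchoring it, `"apppass (optional)" => "/^[01]\z/"`, limits the accepted values to exactly the two that the login action distinguishes. A short comment on this entry stating that 1 requires an app password for 2FA accounts, and that an absent or 0 value accepts the account password, would make the security effect of the flag visible to API consumers.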