diff --git a/src/app/accounts/accountsLoginController.js b/src/app/accounts/accountsLoginController.js
index dd21e10c21..645d7f004f 100644
--- a/src/app/accounts/accountsLoginController.js
+++ b/src/app/accounts/accountsLoginController.js
@@ -69,7 +69,7 @@ angular
         };
 
         $scope.twoFactor = function (token) {
-            $scope.twoFactorPromise = authService.logIn(_email, _masterPassword, token, $scope.twoFactorProvider);
+            $scope.twoFactorPromise = authService.logIn(_email, _masterPassword, token, $scope.twoFactorProvider, true);
 
             $scope.twoFactorPromise.then(function () {
                 $analytics.eventTrack('Logged In From Two-step');
diff --git a/src/app/constants.js b/src/app/constants.js
index 56e241c7b6..311f0d34b7 100644
--- a/src/app/constants.js
+++ b/src/app/constants.js
@@ -25,7 +25,8 @@ angular.module('bit')
             email: 1,
             duo: 2,
             yubikey: 3,
-            u2f: 4
+            u2f: 4,
+            remember: 5
         },
         plans: {
             free: {
diff --git a/src/app/services/authService.js b/src/app/services/authService.js
index 024c3695bf..f4062b481e 100644
--- a/src/app/services/authService.js
+++ b/src/app/services/authService.js
@@ -1,11 +1,11 @@
 angular
     .module('bit.services')
 
-    .factory('authService', function (cryptoService, apiService, tokenService, $q, jwtHelper, $rootScope) {
+    .factory('authService', function (cryptoService, apiService, tokenService, $q, jwtHelper, $rootScope, constants) {
         var _service = {},
             _userProfile = null;
 
-        _service.logIn = function (email, masterPassword, token, provider) {
+        _service.logIn = function (email, masterPassword, token, provider, remember) {
             email = email.toLowerCase();
             var key = cryptoService.makeKey(masterPassword, email);
 
@@ -18,8 +18,16 @@ angular
             };
 
             if (token && typeof (provider) !== 'undefined' && provider !== null) {
+                remember = remember || remember !== false;
+
                 request.twoFactorToken = token.replace(' ', '');
                 request.twoFactorProvider = provider;
+                request.twoFactorRemember = remember ? '1' : '0';
+            }
+            else if (tokenService.getTwoFactorToken(email)) {
+                request.twoFactorToken = tokenService.getTwoFactorToken(email);
+                request.twoFactorProvider = constants.twoFactorProvider.remember;
+                request.twoFactorRemember = '0';
             }
 
             // TODO: device information one day?
@@ -35,6 +43,10 @@ angular
                 tokenService.setRefreshToken(response.refresh_token);
                 cryptoService.setKey(key);
 
+                if (response.TwoFactorToken) {
+                    tokenService.setTwoFactorToken(response.TwoFactorToken, email);
+                }
+
                 if (response.Key) {
                     cryptoService.setEncKey(response.Key, key);
                 }
@@ -65,6 +77,7 @@ angular
 
                 if (error.status === 400 && error.data.TwoFactorProviders2 &&
                     Object.keys(error.data.TwoFactorProviders2).length) {
+                    tokenService.clearTwoFactorToken(email);
                     deferred.resolve(error.data.TwoFactorProviders2);
                 }
                 else {
@@ -76,8 +89,7 @@ angular
         };
 
         _service.logOut = function () {
-            tokenService.clearToken();
-            tokenService.clearRefreshToken();
+            tokenService.clearTokens();
             cryptoService.clearKeys();
             $rootScope.vaultFolders = $rootScope.vaultLogins = null;
             _userProfile = null;
diff --git a/src/app/services/tokenService.js b/src/app/services/tokenService.js
index 705711b6f4..3c66b8b4fc 100644
--- a/src/app/services/tokenService.js
+++ b/src/app/services/tokenService.js
@@ -1,7 +1,7 @@
 angular
     .module('bit.services')
 
-    .factory('tokenService', function ($sessionStorage, jwtHelper) {
+    .factory('tokenService', function ($sessionStorage, $localStorage, jwtHelper) {
         var _service = {},
             _token = null,
             _refreshToken = null;
@@ -42,6 +42,33 @@ angular
             delete $sessionStorage.refreshToken;
         };
 
+        _service.setTwoFactorToken = function (token, email) {
+            if (!$localStorage.twoFactor) {
+                $localStorage.twoFactor = {};
+            }
+            $localStorage.twoFactor[email] = token;
+        };
+
+        _service.getTwoFactorToken = function (email) {
+            return $localStorage.twoFactor ? $localStorage.twoFactor[email] : null;
+        };
+
+        _service.clearTwoFactorToken = function (email) {
+            if (email) {
+                if ($localStorage.twoFactor && $localStorage.twoFactor[email]) {
+                    delete $localStorage.twoFactor[email];
+                }
+            }
+            else {
+                delete $localStorage.twoFactor;
+            }
+        };
+
+        _service.clearTokens = function () {
+            _service.clearToken();
+            _service.clearRefreshToken();
+        };
+
         _service.tokenSecondsRemaining = function (token, offsetSeconds) {
             var d = jwtHelper.getTokenExpirationDate(token);
             offsetSeconds = offsetSeconds || 0;