diff --git a/public/include/pages/account/edit.inc.php b/public/include/pages/account/edit.inc.php
index 94a225c4..d775b6c0 100644
--- a/public/include/pages/account/edit.inc.php
+++ b/public/include/pages/account/edit.inc.php
@@ -121,6 +121,16 @@ if ($user->isAuthenticated()) {
 }
 // one last time so we can sync with changes we made during this page
 if ($user->isAuthenticated() && $config['twofactor']['enabled']) {
+  // stupid little hack because different request types
+  if (@$_POST['do'] !== 'genPin' || isset($_POST['unlock'])) {
+    $ea_token = (!isset($_GET['ea_token'])) ? '' : $_GET['ea_token'];
+    $cp_token = (!isset($_GET['cp_token'])) ? '' : $_GET['cp_token'];
+    $wf_token = (!isset($_GET['wf_token'])) ? '' : $_GET['wf_token'];
+  } else {
+    $ea_token = (!isset($_POST['ea_token'])) ? '' : $_POST['ea_token'];
+    $cp_token = (!isset($_POST['cp_token'])) ? '' : $_POST['cp_token'];
+    $wf_token = (!isset($_POST['wf_token'])) ? '' : $_POST['wf_token'];
+  }
   if ($config['twofactor']['options']['details']) {
     $ea_editable = $user->token->isTokenValid($_SESSION['USERDATA']['id'], $ea_token, 5);
     $ea_sent = $user->token->doesTokenExist('account_edit', $_SESSION['USERDATA']['id']);
diff --git a/public/site_assets/mpos/css/layout.css b/public/site_assets/mpos/css/layout.css
index d44651ee..8ea0107b 100644
--- a/public/site_assets/mpos/css/layout.css
+++ b/public/site_assets/mpos/css/layout.css
@@ -580,7 +580,7 @@ text-shadow: 0 1px 0 #6CDCF9;
 cursor: pointer;
 }
 
-input[type=submit].alt_btn:disabled,input[type=submit].alt_btn:readonly {
+input[type=submit].alt_btn:disabled {
 background: #D0D1D4 url(../images/btn_submit.png) repeat-x;
 border: 1px solid#aaa;
 text-shadow: none;
diff --git a/public/templates/mpos/account/edit/default.tpl b/public/templates/mpos/account/edit/default.tpl
index c63e6ccc..91ea0038 100644
--- a/public/templates/mpos/account/edit/default.tpl
+++ b/public/templates/mpos/account/edit/default.tpl
@@ -59,14 +59,12 @@
         <input type="hidden" name="ea_token" value="{$smarty.request.ea_token|escape}">
         <input type="hidden" name="utype" value="account_edit">
         {if $GLOBAL.twofactor.enabled && $GLOBAL.twofactor.options.details}
-          {if $DETAILSUNLOCKED > 0 && $DETAILSSENT > 0}
-            <input type="submit" value="Update Account" class="alt_btn">
-          {else}
-            {if $DETAILSSENT == 1}
-              <input type="submit" value="Update Account" class="alt_btn" disabled>
-            {else}
-              <input type="submit" value="Unlock" class="alt_btn" name="unlock">
-            {/if}
+          {if $DETAILSSENT == 1 && $DETAILSUNLOCKED == 1}
+          	<input type="submit" value="Update Account" class="alt_btn">
+          {elseif $DETAILSSENT == 0 && $DETAILSUNLOCKED == 1 || $DETAILSSENT == 1 && $DETAILSUNLOCKED == 0}
+            <input type="submit" value="Update Account" class="alt_btn" disabled>
+          {elseif $DETAILSSENT == 0 && $DETAILSUNLOCKED == 0}
+            <input type="submit" value="Unlock" class="alt_btn" name="unlock">
           {/if}
         {else}
           <input type="submit" value="Update Account" class="alt_btn">
@@ -109,14 +107,12 @@
         <input type="hidden" name="wf_token" value="{$smarty.request.wf_token|escape}">
         <input type="hidden" name="utype" value="withdraw_funds">
         {if $GLOBAL.twofactor.enabled && $GLOBAL.twofactor.options.withdraw}
-          {if $WITHDRAWUNLOCKED > 0 && $WITHDRAWSENT > 0}
-            <input type="submit" value="Cash Out" class="alt_btn">
-          {else}
-            {if $WITHDRAWSENT == 1}
-              <input type="submit" value="Cash Out" class="alt_btn" disabled>
-            {else}
-              <input type="submit" value="Unlock" class="alt_btn" name="unlock">
-            {/if}
+          {if $WITHDRAWSENT == 1 && $WITHDRAWUNLOCKED == 1}
+          	<input type="submit" value="Cash Out" class="alt_btn">
+          {elseif $WITHDRAWSENT == 0 && $WITHDRAWUNLOCKED == 1 || $WITHDRAWSENT == 1 && $WITHDRAWUNLOCKED == 0}
+            <input type="submit" value="Cash Out" class="alt_btn" disabled>
+          {elseif $WITHDRAWSENT == 0 && $WITHDRAWUNLOCKED == 0}
+            <input type="submit" value="Unlock" class="alt_btn" name="unlock">
           {/if}
         {else}
           <input type="submit" value="Cash Out" class="alt_btn">
@@ -163,14 +159,12 @@
         <input type="hidden" name="cp_token" value="{$smarty.request.cp_token|escape}">
         <input type="hidden" name="utype" value="change_pw">
         {if $GLOBAL.twofactor.enabled && $GLOBAL.twofactor.options.changepw}
-          {if $CHANGEPASSUNLOCKED > 0 && $CHANGEPASSSENT > 0}
-            <input type="submit" value="Change Password" class="alt_btn">
-          {else}
-            {if $CHANGEPASSSENT == 1}
-              <input type="submit" value="Change Password" class="alt_btn" disabled>
-            {else}
-              <input type="submit" value="Unlock" class="alt_btn" name="unlock">
-            {/if}
+          {if $CHANGEPASSSENT == 1 && $CHANGEPASSUNLOCKED == 1}
+          	<input type="submit" value="Change Password" class="alt_btn">
+          {elseif $CHANGEPASSSENT == 0 && $CHANGEPASSUNLOCKED == 1 || $CHANGEPASSSENT == 1 && $CHANGEPASSUNLOCKED == 0}
+            <input type="submit" value="Change Password" class="alt_btn" disabled>
+          {elseif $CHANGEPASSSENT == 0 && $CHANGEPASSUNLOCKED == 0}
+            <input type="submit" value="Unlock" class="alt_btn" name="unlock">
           {/if}
         {else}
           <input type="submit" value="Change Password" class="alt_btn">