diff --git a/veza-common/src/auth.rs b/veza-common/src/auth.rs
index 9fe14db0b..bebc068a2 100644
--- a/veza-common/src/auth.rs
+++ b/veza-common/src/auth.rs
@@ -343,7 +343,7 @@ pub fn generate_totp_secret() -> VezaResult {
 pub fn validate_totp_code(secret: &str, code: &str, _window: i64) -> VezaResult {
 use totp_rs::{TOTP, Algorithm, Secret};
- // totp-rs 5.4 API: TOTP::new takes 5 arguments: algorithm, digits, skew, step, secret
+ // totp-rs 5.7 API: TOTP::new takes 7 arguments: algorithm, digits, skew, step, secret, issuer, account_name
 // Use Secret::Encoded to handle base32 string directly
 let secret_obj = Secret::Encoded(secret.to_string());
@@ -354,6 +354,8 @@ pub fn validate_totp_code(secret: &str, code: &str, _window: i64) -> VezaResult<
 30,
 secret_obj.to_bytes()
 .map_err(|e| VezaError::Auth(format!("Invalid TOTP secret: {}", e)))?,
+ Some("Veza".to_string()), // issuer
+ "user".to_string(), // account_name (generic, can be customized)
 ).map_err(|e| VezaError::Auth(format!("Invalid TOTP secret: {}", e)))?;
 let is_valid = totp.check_current(code)
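Review bot: The two arguments added to the `TOTP::new` call are placeholders, and the comment `(generic, can be customized)` does not say that they play no part in verification. In totp-rs the issuer and account name only feed the otpauth provisioning URL, so I would replace the trailing comments with `// issuer/account_name only label otpauth URLs; not used by check_current`, which also warns against building a provisioning URI from this object, where every user would appear as `Veza:user`. The comment changed in the first hunk ties the 7-argument form to version 5.7, but as far as I know the extra parameters come from the crate's `otpauth` feature, so it would be more accurate as `// totp-rs with the "otpauth" feature: TOTP::new also takes issuer and account_name`. Separately, `_window` is still unused in the visible lines and the skew argument sits above this hunk, so whether callers can influence the accepted time window cannot be confirmed from here. The body of `validate_totp_code` starts before and continues past the hunk.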