diff --git a/0006-totp-motd.patch b/0006-totp-motd.patch
new file mode 100644
index 0000000..37a3a43
--- /dev/null
+++ b/0006-totp-motd.patch
@@ -0,0 +1,33 @@
+--- a/src/systemd/inactive.motd
++++ b/src/systemd/inactive.motd
+@@ -1,2 +1,7 @@
+ Activate the web console with: systemctl enable --now cockpit.socket
+ 
++Note: Cockpit disallows root login by default.
++To create a regular user and optionally enable 2FA run both:
++
++jeos-config user
++jeos-config otp
+diff --git a/src/systemd/update-motd b/src/systemd/update-motd
+index 67e0fb630..3c532d89f 100644
+--- a/src/systemd/update-motd
++++ b/src/systemd/update-motd
+@@ -18,7 +18,17 @@ ip=${3:-$(ip -o route get 255.0 2>/dev/null | sed -e 's/.*src \([^ ]*\) .*/\1/')
+ # protocol from cmdline, then https
+ protocol=${4:-https}
+ 
++mfa=""
++if ! grep -s pam_oath /etc/pam.d/cockpit; then
++  mfa="Note: Cockpit disallows root login by default.
++To create a regular user and optionally enable 2FA run both:
++
++jeos-config user
++jeos-config otp
++"
++fi
++
+ hostname_url="${protocol}://${hostname}:${port}/"
+ ip_url="${ip:+ or ${protocol}://${ip}:${port}/}"
+ 
+-printf 'Web console: %s%s\n\n' "${hostname_url}" "${ip_url}"  > /run/cockpit/active.motd
++printf 'Web console: %s%s\n\n%b\n' "${hostname_url}" "${ip_url}" "${mfa}"  > /run/cockpit/active.motd
diff --git a/cockpit.changes b/cockpit.changes
index 920db96..8f1b897 100644
--- a/cockpit.changes
+++ b/cockpit.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Mon Sep 30 07:08:12 UTC 2024 - Alice Brooks <alice.brooks@suse.com>
+
+- add 0006-totp-motd.patch for guidance to enabling totp to the mtod
+
 -------------------------------------------------------------------
 Wed Sep 18 12:37:18 UTC 2024 - Jan Zerebecki <jan.suse@zerebecki.de>
 
diff --git a/cockpit.spec b/cockpit.spec
index ba164c2..72de07c 100644
--- a/cockpit.spec
+++ b/cockpit.spec
@@ -68,6 +68,7 @@ Patch5:         storage-btrfs.patch
 # SLE Micro specific patches
 Patch101:       hide-pcp.patch
 Patch102:       0002-selinux-temporary-remove-setroubleshoot-section.patch
+Patch106:       0006-totp-motd.patch
 # For anything based on SLES 15 codebase (including Leap, SLE Micro)
 Patch103:       0004-leap-gnu18-removal.patch
 Patch104:       selinux_libdir.patch
@@ -233,6 +234,7 @@ BuildRequires:  python3-tox-current-env
 # SLE Micro specific patches
 %if 0%{?is_smo}
 %patch -P 101 -p1
+%patch -P 106 -p1
 # Patches for versions lower then SLE Micro 5.5
 %if 0%{?sle_version} < 150500
 %patch -P 102 -p1