diff --git a/app/Console/Commands/UpdateKey.php b/app/Console/Commands/UpdateKey.php
index 4bf51c28ef2e..d18dd524a81c 100644
--- a/app/Console/Commands/UpdateKey.php
+++ b/app/Console/Commands/UpdateKey.php
@@ -6,7 +6,9 @@ use Illuminate\Console\Command;
 use Symfony\Component\Console\Input\InputOption;
 use App\Models\AccountGateway;
 use App\Models\BankAccount;
+use App\Models\User;
 use Artisan;
+use Crypt;
 use Illuminate\Encryption\Encrypter;
 use Laravel\LegacyEncrypter\McryptEncrypter;
 
@@ -18,7 +20,7 @@ class UpdateKey extends Command
     /**
      * @var string
      */
-    protected $name = 'ninja:update-key';
+    protected $name = 'ninja:update-key {--database=}';
 
     /**
      * @var string
@@ -29,6 +31,10 @@ class UpdateKey extends Command
     {
         $this->info(date('r') . ' Running UpdateKey...');
 
+        if ($database = $this->option('database')) {
+            config(['database.default' => $database]);
+        }
+
         if (! env('APP_KEY') || ! env('APP_CIPHER')) {
             $this->info(date('r') . ' Error: app key and cipher are not set');
             exit;
@@ -42,6 +48,7 @@ class UpdateKey extends Command
         // load the current values
         $gatewayConfigs = [];
         $bankUsernames = [];
+        $twoFactorSecrets = [];
 
         foreach (AccountGateway::all() as $gateway) {
             if ($legacy) {
@@ -59,6 +66,14 @@ class UpdateKey extends Command
             }
         }
 
+        foreach (User::where('google_2fa_secret', '!=', '')->get() as $user) {
+            if ($legacy) {
+                $twoFactorSecrets[$user->id] = $legacy->decrypt($user->google_2fa_secret);
+            } else {
+                $twoFactorSecrets[$user->id] = Crypt::decrypt($user->google_2fa_secret);
+            }
+        }
+
         // check if we can write to the .env file
         $envPath = base_path() . '/.env';
         $envWriteable = file_exists($envPath) && @fopen($envPath, 'a');
@@ -86,6 +101,12 @@ class UpdateKey extends Command
             $bank->save();
         }
 
+        foreach (User::where('google_2fa_secret', '!=', '')->get() as $user) {
+            $secret = $twoFactorSecrets[$user->id];
+            $user->google_2fa_secret = $crypt->encrypt($secret);
+            $user->save();
+        }
+
         $message = date('r') . ' Successfully updated ';
         if ($envWriteable) {
             if ($legacy) {
@@ -118,6 +139,7 @@ class UpdateKey extends Command
     {
         return [
             ['legacy', null, InputOption::VALUE_OPTIONAL, 'Legacy', null],
+            ['database', null, InputOption::VALUE_OPTIONAL, 'Database', null],
         ];
     }
 }