diff --git a/sites/backend/src/config.mjs b/sites/backend/src/config.mjs
index a8fcfdad108..6c5e31ebabe 100644
--- a/sites/backend/src/config.mjs
+++ b/sites/backend/src/config.mjs
@@ -257,7 +257,7 @@ if (baseConfig.use.oauth?.github) {
     redirectUri: `${
       process.env.BACKEND_OAUTH_GITHUB_CALLBACK_SITE
         ? process.env.BACKEND_OAUTH_GITHUB_CALLBACK_SITE
-        : 'https://next.freesewing.org'
+        : 'https://freesewing.org'
     }/signin/callback/github`,
   }
   baseConfig.oauth.github.url = (state) =>
@@ -279,7 +279,7 @@ if (baseConfig.use.oauth?.google) {
     redirectUri: `${
       process.env.BACKEND_OAUTH_GOOGLE_CALLBACK_SITE
         ? process.env.BACKEND_OAUTH_GOOGLE_CALLBACK_SITE
-        : 'https://next.freesewing.org'
+        : 'https://freesewing.org'
     }/signin/callback/google`,
   }
   baseConfig.oauth.google.url = (state) =>
diff --git a/sites/backend/src/models/user.mjs b/sites/backend/src/models/user.mjs
index bced60a1b3e..7be841ec611 100644
--- a/sites/backend/src/models/user.mjs
+++ b/sites/backend/src/models/user.mjs
@@ -919,7 +919,7 @@ UserModel.prototype.passwordSignIn = async function (req) {
       if (Array.isArray(check)) [result, mfaScratchCodes] = check
       else result = check
       if (!result) return this.setResponse(401, 'signInFailed')
-      if (mfaScratchCodes.length !== this.clear.data.mfaScratchCodes.length) {
+      if (mfaScratchCodes && mfaScratchCodes.length !== this.clear.data.mfaScratchCodes.length) {
         // Scratch code was used, update record to remove it
         await this.update({ data: { ...this.clear.data, mfaScratchCodes } })
       }