diff --git a/app/Http/Controllers/Auth/WebAuthnRecoveryController.php b/app/Http/Controllers/Auth/WebAuthnRecoveryController.php
index 10481fc7..ee110daa 100644
--- a/app/Http/Controllers/Auth/WebAuthnRecoveryController.php
+++ b/app/Http/Controllers/Auth/WebAuthnRecoveryController.php
@@ -50,7 +50,7 @@ function ($user) use ($request) {
                     if ($this->shouldRevokeAllCredentials($request)) {
                         $user->flushCredentials();
                     }
-                    $user->preferences['useWebauthnOnly'] = false;
+                    $user['preferences->useWebauthnOnly'] = false;
                     $user->save();
                     Log::notice(sprintf('Legacy login restored for user ID #%s', $user->id));
                 } else {