diff --git a/app/Http/Requests/TwoFAccountDeleteRequest.php b/app/Http/Requests/TwoFAccountDeleteRequest.php
new file mode 100644
index 00000000..284dce82
--- /dev/null
+++ b/app/Http/Requests/TwoFAccountDeleteRequest.php
@@ -0,0 +1,30 @@
+ 'required',
+ ];
+ }
+}
\ No newline at end of file
diff --git a/app/Http/Requests/TwoFAccountDynamicRequest.php b/app/Http/Requests/TwoFAccountDynamicRequest.php
new file mode 100644
index 00000000..914f4471
--- /dev/null
+++ b/app/Http/Requests/TwoFAccountDynamicRequest.php
@@ -0,0 +1,33 @@
+validationData(), 'uri')
+ ? (new TwoFAccountUriRequest)->rules()
+ : (new TwoFAccountStoreRequest)->rules();
+
+ return $rules;
+ }
+}
\ No newline at end of file
diff --git a/app/Http/Requests/TwoFAccountEditRequest.php b/app/Http/Requests/TwoFAccountEditRequest.php
deleted file mode 100644
index b6864f0e..00000000
--- a/app/Http/Requests/TwoFAccountEditRequest.php
+++ /dev/null
@@ -1,42 +0,0 @@
- 'required_without:uri|string',
- 'account' => 'required_without:uri|nullable|string|regex:/^[^:]+$/i',
- 'icon' => 'nullable|string',
- 'uri' => 'nullable|string|regex:/^otpauth:\/\/[h,t]otp\//i',
- 'otpType' => 'required_without:uri|in:totp,hotp',
- 'secret' => 'required_without:uri|string',
- 'digits' => 'nullable|integer|between:6,10',
- 'algorithm' => 'nullable|in:sha1,sha256,sha512,md5',
- 'period' => 'required_if:otpType,totp|nullable|integer|min:1',
- 'counter' => 'required_if:otpType,hotp|nullable|integer|min:0',
- ];
- }
-}
diff --git a/app/Http/Requests/TwoFAccountStoreRequest.php b/app/Http/Requests/TwoFAccountStoreRequest.php
index ab592584..5d8360fe 100644
--- a/app/Http/Requests/TwoFAccountStoreRequest.php
+++ b/app/Http/Requests/TwoFAccountStoreRequest.php
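Review bot: In TwoFAccountDynamicRequest the rule set is picked by whether `uri` is present, so a payload that carries `uri` together with `secret`, `otp_type` or `digits` has only the URI rule applied and those sibling fields are never validated. That is safe only if every consumer reads `$request->validated()` rather than `all()` or `input()`; the controller is not part of this diff, so this needs confirming. I would state the contract on rules(), e.g. `// Exactly one rule set applies; consumers must read validated() only.` The opening lines of this file are missing from the hunk as shown, so the call wrapping `validationData()` is assumed to be a key-presence check.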
@@ -23,18 +23,14 @@ public function authorize()
 */
 public function rules()
 {
-
- // see https://github.com/google/google-authenticator/wiki/Key-Uri-Format
- // for otpauth uri format validation
 return [
- 'service' => 'required_without:uri|string',
- 'account' => 'required_without:uri|nullable|string|regex:/^[^:]+$/i',
+ 'service' => 'nullable|string|regex:/^[^:]+$/i',
+ 'account' => 'required|string|regex:/^[^:]+$/i',
 'icon' => 'nullable|string',
- 'uri' => 'nullable|string|regex:/^otpauth:\/\/[h,t]otp\//i',
- 'otpType' => 'required_without:uri|in:totp,hotp',
- 'secret' => 'required_without:uri|string',
+ 'otp_type' => 'required|string|in:totp,hotp',
+ 'secret' => ['string', 'bail', new \App\Rules\IsBase32Encoded],
 'digits' => 'nullable|integer|between:6,10',
- 'algorithm' => 'nullable|in:sha1,sha256,sha512,md5',
+ 'algorithm' => 'nullable|string|in:sha1,sha256,sha512,md5',
 'period' => 'nullable|integer|min:1',
 'counter' => 'nullable|integer|min:0',
 ];
diff --git a/app/Http/Requests/TwoFAccountUpdateRequest.php b/app/Http/Requests/TwoFAccountUpdateRequest.php
new file mode 100644
index 00000000..38c9d823
--- /dev/null
+++ b/app/Http/Requests/TwoFAccountUpdateRequest.php
@@ -0,0 +1,38 @@
+ 'required|nullable|string|regex:/^[^:]+$/i',
+ 'account' => 'required|string|regex:/^[^:]+$/i',
+ 'icon' => 'required|nullable|string',
+ 'otp_type' => 'required|string|in:totp,hotp',
+ 'secret' => ['required', 'string', 'bail', new \App\Rules\IsBase32Encoded],
+ 'digits' => 'required|integer|between:6,10',
+ 'algorithm' => 'required|string|in:sha1,sha256,sha512,md5',
+ 'period' => 'required_if:otp_type,totp|integer|min:1',
+ 'counter' => 'required_if:otp_type,hotp|integer|min:0',
+ ];
+ }
+}
diff --git a/app/Http/Requests/TwoFAccountUriRequest.php b/app/Http/Requests/TwoFAccountUriRequest.php
new file mode 100644
index 00000000..b2a3e033
--- /dev/null
+++ b/app/Http/Requests/TwoFAccountUriRequest.php
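Review bot: In TwoFAccountStoreRequest the new `secret` rule drops `required_without:uri` without a replacement, so a create request that omits `secret` passes validation; Laravel does not run non-implicit rules, the `IsBase32Encoded` rule object included, on an absent attribute. TwoFAccountUpdateRequest in this same diff does put `'required'` in front of the same rule, so the two paths disagree. If creating an account without a secret is not intended, the line should read `'secret' => ['bail', 'required', 'string', new \App\Rules\IsBase32Encoded],`; if it is intended (for instance a server-generated secret, which is not visible here), a comment on the rule saying so would prevent it being read as an oversight.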
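Review bot: In TwoFAccountUpdateRequest, `required|nullable` on `icon` (and on the first rule of the array, whose key is cut off in this view) can never accept null: `required` fails on a null value, so `nullable` has no effect and an account without an icon cannot be updated. If the intent is that the key must be sent but may be null, `present` expresses that: `'icon' => 'present|nullable|string',`. The same change would apply to the first rule, presumably `service` given the matching pattern in TwoFAccountStoreRequest.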
@@ -0,0 +1,30 @@
+ 'required|string|regex:/^otpauth:\/\/[h,t]otp\//i',
+ ];
+ }
+}
\ No newline at end of file
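Review bot: The character class `[h,t]` in TwoFAccountUriRequest's pattern contains a literal comma, so `otpauth://,otp/` satisfies the rule alongside `hotp` and `totp`; the class should be `[ht]`, i.e. `regex:/^otpauth:\/\/[ht]otp\//i`. The pattern also anchors only the scheme and type, so the label and query string reach the URI parser unchecked. That parser is not in this diff and has to reject malformed or oversized values itself; adding a `max:` length to the rule would bound what it receives. The attribute name is missing from the hunk as shown.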