diff --git a/app/Http/Controllers/AccountController.php b/app/Http/Controllers/AccountController.php
index dac8078a6..6f136c3ad 100644
--- a/app/Http/Controllers/AccountController.php
+++ b/app/Http/Controllers/AccountController.php
@@ -374,10 +374,13 @@ class AccountController extends Controller
 	public function sudoModeVerify(Request $request)
 	{
 		$this->validate($request, [
-			'password' => 'required|string|max:500'
+			'password' => 'required|string|max:500',
+			'trustDevice' => 'nullable'
 		]);
+
 		$user = Auth::user();
 		$password = $request->input('password');
+		$trustDevice = $request->input('trustDevice') == 'on';
 		$next = $request->session()->get('redirectNext', '/');
 		if($request->session()->has('sudoModeAttempts')) {
 			$count = (int) $request->session()->get('sudoModeAttempts');
@@ -387,6 +390,9 @@ class AccountController extends Controller
 		}
 		if(password_verify($password, $user->password) === true) {
 			$request->session()->put('sudoMode', time());
+			if($trustDevice == true) {
+				$request->session()->put('sudoTrustDevice', 1);
+			}
 			return redirect($next);
 		} else {
 			return redirect()
diff --git a/app/Http/Middleware/DangerZone.php b/app/Http/Middleware/DangerZone.php
index 5a43d6e6b..c74c90eeb 100644
--- a/app/Http/Middleware/DangerZone.php
+++ b/app/Http/Middleware/DangerZone.php
@@ -25,7 +25,7 @@ class DangerZone
         if(!Auth::check()) {
             return redirect(route('login'));
         }
-        if(!$request->is('i/auth/sudo')) {
+        if(!$request->is('i/auth/sudo') && $request->session()->get('sudoTrustDevice') != 1) {
             if( !$request->session()->has('sudoMode') ) {
                 $request->session()->put('redirectNext', $request->url());
                 return redirect('/i/auth/sudo');
diff --git a/resources/views/auth/sudo.blade.php b/resources/views/auth/sudo.blade.php
index 9a253c32a..515fcba03 100644
--- a/resources/views/auth/sudo.blade.php
+++ b/resources/views/auth/sudo.blade.php
@@ -13,19 +13,23 @@
                     <form method="POST">
                         @csrf
 
-                        <div class="form-group row">
+                        <div class="form-group">
+                            <input id="password" type="password" class="form-control{{ $errors->has('password') ? ' is-invalid' : '' }}" name="password" placeholder="{{__('Password')}}" required>
 
-                            <div class="col-md-12">
-                                <input id="password" type="password" class="form-control{{ $errors->has('password') ? ' is-invalid' : '' }}" name="password" placeholder="{{__('Password')}}" required>
-
-                                @if ($errors->has('password'))
-                                    <span class="invalid-feedback">
-                                        <strong>{{ $errors->first('password') }}</strong>
-                                    </span>
-                                @endif
-                            </div>
+                            @if ($errors->has('password'))
+                                <span class="invalid-feedback">
+                                    <strong>{{ $errors->first('password') }}</strong>
+                                </span>
+                            @endif
                         </div>
 
+                        <div class="form-group">
+                            <div class="custom-control custom-checkbox">
+                              <input type="checkbox" class="custom-control-input" id="trusted-device" name="trustDevice">
+                              <label class="custom-control-label text-muted" for="trusted-device">Don't ask me again, trust this device</label>
+                            </div>
+                        </div>  
+
                         <div class="form-group row mb-0">
                             <div class="col-md-12">
                                 <button type="submit" class="btn btn-success btn-block  font-weight-bold">