diff --git a/zerver/decorator.py b/zerver/decorator.py
index 95c231840c..81b923925e 100644
--- a/zerver/decorator.py
+++ b/zerver/decorator.py
@@ -1052,9 +1052,7 @@ def zulip_otp_required(
 # This request is unauthenticated (logged-out) access; 2FA is
 # not required or possible.
- #
- # TODO: Add a test for 2FA-enabled with web-public views.
- if not user.is_authenticated: # nocoverage
+ if not user.is_authenticated:
 return True
 # If the user doesn't have 2FA set up, we can't enforce 2FA.
diff --git a/zerver/tests/test_decorators.py b/zerver/tests/test_decorators.py
index 3ac8ba75ca..2366604e70 100644
--- a/zerver/tests/test_decorators.py
+++ b/zerver/tests/test_decorators.py
@@ -34,6 +34,7 @@ from zerver.decorator import (
 validate_api_key,
 webhook_view,
 zulip_login_required,
+ zulip_otp_required,
 )
 from zerver.forms import OurAuthenticationForm
 from zerver.lib.cache import dict_to_items_tuple, ignore_unhashable_lru_cache, items_tuple_to_dict
@@ -1900,6 +1901,17 @@ class TestZulipLoginRequiredDecorator(ZulipTestCase):
 response = test_view(request)
 self.assertEqual(response.content.decode(), "Success")
+ def test_otp_not_authenticated(self) -> None:
+ @zulip_otp_required()
+ def test_view(request: HttpRequest) -> HttpResponse:
+ return HttpResponse("Success")
+
+ with self.settings(TWO_FACTOR_AUTHENTICATION_ENABLED=True):
+ user = AnonymousUser()
+ request = HostRequestMock(user_profile=user)
+ response = test_view(request)
+ self.assertEqual(response.content.decode(), "Success")
+
 class TestRequireDecorators(ZulipTestCase):
 def test_require_server_admin_decorator(self) -> None:
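Review bot: In the last hunk, `test_otp_not_authenticated` asserts only that an anonymous request receives "Success", and nothing in it states the contract it pins: with `TWO_FACTOR_AUTHENTICATION_ENABLED=True`, `zulip_otp_required` on its own lets logged-out requests through, so login has to be enforced by a separate decorator. I would add a comment above the inner view, for example `# zulip_otp_required alone does not require login; anonymous (web-public) requests pass the OTP check by design.` The assertion may also be weaker than the removed `# nocoverage` suggests: the check that follows in the decorator ("If the user doesn't have 2FA set up") is only partly visible in the first hunk, but if it also returns True for an anonymous user, this test would still pass with the `is_authenticated` branch deleted. The test is also placed in `TestZulipLoginRequiredDecorator`, whose body starts outside the hunk, although it exercises `zulip_otp_required` without `zulip_login_required`.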