diff --git a/spongeauth/accounts/tests/test_view_login.py b/spongeauth/accounts/tests/test_view_login.py
index 6c138fcf..984e759f 100644
--- a/spongeauth/accounts/tests/test_view_login.py
+++ b/spongeauth/accounts/tests/test_view_login.py
@@ -49,7 +49,7 @@ def test_constructs_authentication_form(self):
     def test_errors_with_invalid_username(self):
         resp = self.client.post(self.path(), {"username": "foobar", "password": "barbarbar"})
         assert isinstance(resp.context["form"], forms.AuthenticationForm)
-        self.assertFormError(resp, "form", "username", "There is no user with that username.")
+        self.assertFormError(resp.context["form"], "username", "There is no user with that username.")
         user = django.contrib.auth.get_user(self.client)
         assert not user.is_authenticated
 
@@ -57,7 +57,7 @@ def test_errors_with_invalid_password(self):
         user = factories.UserFactory.create()
         resp = self.client.post(self.path(), {"username": user.username, "password": "barbarbar"})
         assert isinstance(resp.context["form"], forms.AuthenticationForm)
-        self.assertFormError(resp, "form", "password", "The provided password was incorrect.")
+        self.assertFormError(resp.context["form"], "password", "The provided password was incorrect.")
         user = django.contrib.auth.get_user(self.client)
         assert not user.is_authenticated
 
diff --git a/spongeauth/twofa/tests/test_view_helpers.py b/spongeauth/twofa/tests/test_view_helpers.py
index 7a24d024..2512c0f5 100644
--- a/spongeauth/twofa/tests/test_view_helpers.py
+++ b/spongeauth/twofa/tests/test_view_helpers.py
@@ -44,7 +44,7 @@ def test_has_paper_codes(self):
 
 @pytest.mark.django_db
 class TestGeneratePaperCodesIfNeeded:
-    def setup(self):
+    def setup_method(self):
         self.user = accounts.models.User(twofa_enabled=True)
         self.user.save()
 
diff --git a/spongeauth/twofa/tests/test_view_setup_totp.py b/spongeauth/twofa/tests/test_view_setup_totp.py
index c346a320..7d591c0e 100644
--- a/spongeauth/twofa/tests/test_view_setup_totp.py
+++ b/spongeauth/twofa/tests/test_view_setup_totp.py
@@ -34,7 +34,7 @@ def extract_secret(self, resp, user=None):
         return base64.b32decode(setup_signer.unsign(resp.context[-1]["form"].secret))
 
     def signer(self, user):
-        return django.core.signing.TimestampSigner("twofa.views.setup_totp:{}".format(user.pk))
+        return django.core.signing.TimestampSigner(key="twofa.views.setup_totp:{}".format(user.pk))
 
     def test_requires_login(self):
         client = django.test.Client()
diff --git a/spongeauth/twofa/views.py b/spongeauth/twofa/views.py
index 56340420..74e54a02 100644
--- a/spongeauth/twofa/views.py
+++ b/spongeauth/twofa/views.py
@@ -109,7 +109,7 @@ def setup_totp(request):
         messages.error(request, _("You may not have multiple Google Authenticators attached to your account."))
         return redirect("twofa:list")
 
-    setup_signer = TimestampSigner("twofa.views.setup_totp:{}".format(request.user.pk))
+    setup_signer = TimestampSigner(key="twofa.views.setup_totp:{}".format(request.user.pk))
 
     if request.method == "POST" and "secret" in request.POST:
         try: