diff --git a/lib/components/secondary-device-qr-auth-context-provider.react.js b/lib/components/secondary-device-qr-auth-context-provider.react.js
--- a/lib/components/secondary-device-qr-auth-context-provider.react.js
+++ b/lib/components/secondary-device-qr-auth-context-provider.react.js
@@ -5,6 +5,7 @@
 
 import { useSecondaryDeviceLogIn } from '../hooks/login-hooks.js';
 import { uintArrayToHexString } from '../media/data-utils.js';
+import { isLoggedIn } from '../selectors/user-selectors.js';
 import { IdentityClientContext } from '../shared/identity-client-context.js';
 import { useTunnelbroker } from '../tunnelbroker/tunnelbroker-context.js';
 import {
@@ -23,6 +24,7 @@
 } from '../types/tunnelbroker/qr-code-auth-message-types.js';
 import { getContentSigningKey } from '../utils/crypto-utils.js';
 import { getMessageForException } from '../utils/errors.js';
+import { useSelector } from '../utils/redux-utils.js';
 
 type Props = {
   +children: React.Node,
@@ -66,6 +68,7 @@
   const [primaryDeviceID, setPrimaryDeviceID] = React.useState<?string>();
   const [qrData, setQRData] = React.useState<?QRData>();
   const [qrAuthFinished, setQRAuthFinished] = React.useState(false);
+  const loggedIn = useSelector(isLoggedIn);
 
   const {
     setUnauthorizedDeviceID,
@@ -147,7 +150,8 @@
       if (
         !qrData?.aesKey ||
         message.type !== tunnelbrokerToDeviceMessageTypes.MESSAGE_TO_DEVICE ||
-        socketState.isAuthorized
+        socketState.isAuthorized ||
+        loggedIn
       ) {
         return;
       }
@@ -207,6 +211,7 @@
       setUnauthorizedDeviceID,
       parseTunnelbrokerQRAuthMessage,
       confirmMessageToTunnelbroker,
+      loggedIn,
     ],
   );