diff --git a/src/pretix/control/views/auth.py b/src/pretix/control/views/auth.py
index 6bf1c367d..6650e6343 100644
--- a/src/pretix/control/views/auth.py
+++ b/src/pretix/control/views/auth.py
@@ -94,7 +94,9 @@ def process_login(request, user, keep_logged_in):
 pretix_successful_logins.inc(1)
 handle_login_source(user, request)
 auth_login(request, user)
- request.session['pretix_auth_login_time'] = int(time.time())
+ t = int(time.time())
+ request.session['pretix_auth_login_time'] = t
+ request.session['pretix_auth_last_used'] = t
 if next_url and url_has_allowed_host_and_scheme(next_url, allowed_hosts=None):
 return redirect_to_url(next_url)
 return redirect('control:index')
diff --git a/src/tests/control/test_auth.py b/src/tests/control/test_auth.py
index 6622ed82d..5a23a56af 100644
--- a/src/tests/control/test_auth.py
+++ b/src/tests/control/test_auth.py
@@ -41,7 +41,7 @@ from django.contrib.auth.tokens import (
 PasswordResetTokenGenerator, default_token_generator,
 )
 from django.core import mail as djmail
-from django.test import TestCase, override_settings
+from django.test import RequestFactory, TestCase, override_settings
 from django.utils.timezone import now
 from django_otp.oath import TOTP
 from django_otp.plugins.otp_totp.models import TOTPDevice
@@ -50,6 +50,7 @@ from webauthn.authentication.verify_authentication_response import (
 )
 from pretix.base.models import Organizer, Team, U2FDevice, User
+from pretix.control.views.auth import process_login
 from pretix.helpers import security
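Review bot: The new write to `pretix_auth_last_used` in the first hunk (process_login, right after `auth_login(request, user)`) has no comment explaining why the idle timestamp is reset at login, and the reason cannot be read off this function alone. I would add `# Reset the idle timestamp too, so a stale pretix_auth_last_used left in the session is not carried into the new login.` above that line. process_login begins above the hunk, so I cannot see whether another path (for example a second-factor completion step, if there is one) also sets `pretix_auth_login_time` on its own. Any such place presumably needs the same pairing, and a small shared helper that writes both keys would keep them from drifting apart.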
@@ -892,6 +893,19 @@ class SessionTimeOutTest(TestCase):
 response = self.client.get('/control/')
 self.assertEqual(response.status_code, 302)
+ def test_plugin_auth_updates_auth_last_used(self):
+ session = self.client.session
+ session['pretix_auth_long_session'] = True
+ session['pretix_auth_login_time'] = int(time.time()) - 3600 * 5
+ session['pretix_auth_last_used'] = int(time.time()) - 3600 * 3 - 60
+ session.save()
+
+ request = RequestFactory().get("/")
+ request.session = self.client.session
+ process_login(request, self.user, keep_logged_in=True)
+
+ assert request.session['pretix_auth_last_used'] >= int(time.time()) - 60
+
 def test_update_session_activity(self):
 t1 = int(time.time()) - 5
 session = self.client.session
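Review bot: The added test_plugin_auth_updates_auth_last_used ends in a bare `assert`, while the neighbouring methods of this TestCase use `self.assert*` (see `self.assertEqual(response.status_code, 302)` just above). `self.assertGreaterEqual(request.session['pretix_auth_last_used'], int(time.time()) - 60)` matches the class and reports both values on failure. The test also seeds a five-hour-old `pretix_auth_login_time` but never checks it afterwards. A second line, `self.assertGreaterEqual(request.session['pretix_auth_login_time'], int(time.time()) - 60)`, would pin that both timestamps are refreshed together. As written it verifies only the session key, not that a follow-up request to `/control/` is still accepted. That is the behaviour the fix appears to protect, so it is worth covering if the session can be saved back to the test client.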