diff --git a/src/pretix/control/templates/pretixcontrol/user/2fa_delete.html b/src/pretix/control/templates/pretixcontrol/user/2fa_delete.html
new file mode 100644
index 0000000000..882b29f8ff
--- /dev/null
+++ b/src/pretix/control/templates/pretixcontrol/user/2fa_delete.html
@@ -0,0 +1,25 @@
+{% extends "pretixcontrol/base.html" %}
+{% load i18n %}
+{% load bootstrap3 %}
+{% block title %}{% trans "Delete a two-factor authentication device" %}{% endblock %}
+{% block content %}
+    <h1>{% trans "Delete a two-factor authentication device" %}</h1>
+    <form action="" method="post" class="form-horizontal">
+        {% csrf_token %}
+        <p>{% blocktrans trimmed with device=device.name %}
+            Are you sure you want to delete the authentication device "{{ device }}"?
+        {% endblocktrans %}</p>
+        <p>{% trans "You will no longer be able to use this device to log in to pretix." %}</p>
+        <p>
+            {% trans "If this is the only device connected to your account, we will disable two-factor authentication." %}
+        </p>
+        <div class="form-group submit-group">
+            <a href="{% url "control:user.settings.2fa" %}" class="btn btn-default btn-cancel">
+                {% trans "Cancel" %}
+            </a>
+            <button type="submit" class="btn btn-danger btn-save">
+                {% trans "Delete" %}
+            </button>
+        </div>
+    </form>
+{% endblock %}
diff --git a/src/pretix/control/templates/pretixcontrol/user/2fa_main.html b/src/pretix/control/templates/pretixcontrol/user/2fa_main.html
index eb9d0646de..bbb0051a5e 100644
--- a/src/pretix/control/templates/pretixcontrol/user/2fa_main.html
+++ b/src/pretix/control/templates/pretixcontrol/user/2fa_main.html
@@ -48,7 +48,11 @@
         <ul class="list-group">
             {% for d in devices %}
                 <li class="list-group-item">
-                {% if d.devicetype == "totp" %}
+                    <a class="btn btn-danger btn-xs pull-right"
+                            href="{% url "control:user.settings.2fa.delete" devicetype=d.devicetype device=d.pk %}">
+                        Delete
+                    </a>
+                    {% if d.devicetype == "totp" %}
                         <span class="fa fa-mobile"></span>
                     {% endif %}
                     {{ d.name }}
diff --git a/src/pretix/control/urls.py b/src/pretix/control/urls.py
index a9ade95bb5..41c2d4b849 100644
--- a/src/pretix/control/urls.py
+++ b/src/pretix/control/urls.py
@@ -17,6 +17,8 @@ urlpatterns = [
     url(r'^settings/2fa/add$', user.User2FADeviceAddView.as_view(), name='user.settings.2fa.add'),
     url(r'^settings/2fa/totp/(?P<device>[0-9]+)/confirm', user.User2FADeviceConfirmTOTPView.as_view(),
         name='user.settings.2fa.confirm.totp'),
+    url(r'^settings/2fa/(?P<devicetype>[^/]+)/(?P<device>[0-9]+)/delete', user.User2FADeviceDeleteView.as_view(),
+        name='user.settings.2fa.delete'),
     url(r'^organizers/$', organizer.OrganizerList.as_view(), name='organizers'),
     url(r'^organizers/add$', organizer.OrganizerCreate.as_view(), name='organizers.add'),
     url(r'^organizer/(?P<organizer>[^/]+)/edit$', organizer.OrganizerUpdate.as_view(), name='organizer.edit'),
diff --git a/src/pretix/control/views/user.py b/src/pretix/control/views/user.py
index 07ce8d3e19..1fe7ab7aa3 100644
--- a/src/pretix/control/views/user.py
+++ b/src/pretix/control/views/user.py
@@ -15,6 +15,9 @@ from pretix.base.forms.user import User2FADeviceAddForm, UserSettingsForm
 from pretix.base.models import User
 
 
+REAL_DEVICE_TYPES = (TOTPDevice,)
+
+
 class UserSettings(UpdateView):
     model = User
     form_class = UserSettingsForm
@@ -49,7 +52,7 @@ class User2FAMainView(TemplateView):
         ctx = super().get_context_data()
 
         ctx['devices'] = []
-        for dt in (TOTPDevice,):
+        for dt in REAL_DEVICE_TYPES:
             objs = list(dt.objects.filter(user=self.request.user, confirmed=True))
             for obj in objs:
                 if dt == TOTPDevice:
@@ -74,6 +77,28 @@ class User2FADeviceAddView(FormView):
         }))
 
 
+class User2FADeviceDeleteView(TemplateView):
+    template_name = 'pretixcontrol/user/2fa_delete.html'
+
+    @cached_property
+    def device(self):
+        if self.kwargs['devicetype'] == 'totp':
+            return get_object_or_404(TOTPDevice, user=self.request.user, pk=self.kwargs['device'], confirmed=True)
+
+    def get_context_data(self, **kwargs):
+        ctx = super().get_context_data()
+        ctx['device'] = self.device
+        return ctx
+
+    def post(self, request, *args, **kwargs):
+        self.device.delete()
+        if not any(dt.objects.filter(user=self.request.user, confirmed=True) for dt in REAL_DEVICE_TYPES):
+            self.request.user.require_2fa = False
+            self.request.user.save()
+        messages.success(request, _('The device has been removed.'))
+        return redirect(reverse('control:user.settings.2fa'))
+
+
 class User2FADeviceConfirmTOTPView(TemplateView):
     template_name = 'pretixcontrol/user/2fa_confirm_totp.html'