diff --git a/app/models/user_second_factor.rb b/app/models/user_second_factor.rb
index f70d4edfbec..6ca613a8f6a 100644
--- a/app/models/user_second_factor.rb
+++ b/app/models/user_second_factor.rb
@@ -1,6 +1,13 @@
 class UserSecondFactor < ActiveRecord::Base
   belongs_to :user
-  scope :backup_codes, -> { where(method: 2, enabled: true) }
+
+  scope :totp, -> do
+    where(method: UserSecondFactor.methods[:totp])
+  end
+
+  scope :backup_codes, -> do
+    where(method: UserSecondFactor.methods[:backup_codes], enabled: true)
+  end
 
   def self.methods
     @methods ||= Enum.new(
@@ -9,10 +16,6 @@ class UserSecondFactor < ActiveRecord::Base
     )
   end
 
-  def self.totp
-    where(method: 1).first
-  end
-
 end
 
 # == Schema Information
diff --git a/lib/tasks/users.rake b/lib/tasks/users.rake
index b3abf85d78a..84f49e7951e 100644
--- a/lib/tasks/users.rake
+++ b/lib/tasks/users.rake
@@ -135,6 +135,14 @@ GROUP BY p.user_id
   puts 'Done!', ''
 end
 
+desc "Disable 2FA for user with the given username"
+task "users:disable_2fa", [:username] => [:environment] do |_, args|
+  username = args[:username]
+  user = find_user(username)
+  UserSecondFactor.totp.where(user_id: user.id).each(&:destroy!)
+  puts "2FA disabled for #{username}"
+end
+
 def find_user(username)
   user = User.find_by_username(username)