diff --git a/app/dashboard/views/mfa_cancel.py b/app/dashboard/views/mfa_cancel.py
index b3b659a7..6dd940fe 100644
--- a/app/dashboard/views/mfa_cancel.py
+++ b/app/dashboard/views/mfa_cancel.py
@@ -27,6 +27,7 @@ def mfa_cancel():
 
         if totp.verify(token):
             current_user.enable_otp = False
+            current_user.otp_secret = None
             db.session.commit()
             flash("MFA is now disabled", "warning")
             return redirect(url_for("dashboard.index"))