diff --git a/src/Controller/SecurityController.php b/src/Controller/SecurityController.php
index 7ce8d6e5..5c7a2262 100644
--- a/src/Controller/SecurityController.php
+++ b/src/Controller/SecurityController.php
@@ -205,11 +205,36 @@ class SecurityController extends AbstractController
                 $entityManager->flush();
                 $this->addFlash('success', 'tfa.u2f.u2f_delete.success');
             }
+        } else {
+            $this->addFlash('error','csfr_invalid');
         }
         
         return $this->redirectToRoute('user_settings');
     }
 
+    /**
+     * @Route("/user/invalidate_trustedDevices", name="tfa_trustedDevices_invalidate", methods={"DELETE"})
+     */
+    public function resetTrustedDevices(Request $request, EntityManagerInterface $entityManager)
+    {
+        $user = $this->getUser();
+        if (!$user instanceof User) {
+            return new \RuntimeException('This controller only works only for Part-DB User objects!');
+        }
+        //When user change its settings, he should be logged  in fully.
+        $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
+
+        if ($this->isCsrfTokenValid('devices_reset'.$user->getId(), $request->request->get('_token'))) {
+            $user->invalidateTrustedDeviceTokens();
+            $entityManager->flush();
+            $this->addFlash('success', 'tfa_trustedDevice.invalidate.success');
+        } else {
+            $this->addFlash('error','csfr_invalid');
+        }
+
+        return $this->redirectToRoute('user_settings');
+    }
+
     /**
      * @Route("/logout", name="logout")
      */
diff --git a/templates/Users/_2fa_settings.html.twig b/templates/Users/_2fa_settings.html.twig
index d2598335..037d3456 100644
--- a/templates/Users/_2fa_settings.html.twig
+++ b/templates/Users/_2fa_settings.html.twig
@@ -20,6 +20,10 @@
                 <a class="nav-link" id="u2f-tab" data-toggle="tab" href="#tfa-u2f" role="tab"
                    aria-controls="profile" aria-selected="false">{% trans %}tfa.settings.u2f.tab{% endtrans %}</a>
             </li>
+            <li class="nav-item">
+                <a class="nav-link" id="trustedDevices-tab" data-toggle="tab" href="#tfa-trustedDevices" role="tab"
+                   aria-controls="profile" aria-selected="false">{% trans %}tfa.settings.trustedDevices.tab{% endtrans %}</a>
+            </li>
         </ul>
         <div class="tab-content mt-3 mb-3" id="tfa-tabs-content">
             <div class="tab-pane fade show active" id="tfa-google" role="tabpanel" aria-labelledby="google-tab">
@@ -132,6 +136,17 @@
                 <a href="{{ url('club_base_register_u2f') }}" class="btn btn-success"><i class="fas fa-plus-square fa-fw"></i> {% trans %}tfa_u2f.add_new_key{% endtrans %}</a>
             </div>
 
+            <div class="tab-pane fade" id="tfa-trustedDevices" role="tabpanel" aria-labelledby="trustedDevices-tab-tab">
+                <p>{% trans %}tfa_trustedDevices.explanation{% endtrans %}</p>
+                <form action="{{ url('tfa_trustedDevices_invalidate') }}" method="post" data-delete-form data-title="{% trans %}tfa_trustedDevices.invalidate.confirm_title{% endtrans %}"
+                      data-message="{% trans %}tfa_trustedDevices.invalidate.confirm_message{% endtrans %}">
+                    <input type="hidden" name="_method" value="DELETE">
+                    <input type="hidden" name="_token" value="{{ csrf_token('devices_reset' ~ user.id) }}">
+
+                    <button class="btn btn-danger" type="submit">{% trans %}tfa_trustedDevices.invalidate.btn{% endtrans %}</button>
+                </form>
+            </div>
+
         </div>