diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index e679c85a4..febc78a94 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -7,8 +7,6 @@ class SessionsController < Devise::SessionsController
 # rubocop:disable Rails/LexicallyScopedActionFilter
 before_action :authenticate_with_2fa, only: :create
- after_action :reset_authentication_token, only: :create
- before_action :reset_authentication_token, only: :destroy
 # rubocop:enable Rails/LexicallyScopedActionFilter
 def find_user
@@ -51,8 +49,4 @@ class SessionsController < Devise::SessionsController
 session[:otp_user_id] = user.id
 render :two_factor
 end
-
- def reset_authentication_token
- current_user&.reset_authentication_token!
- end
 end
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 45bec9817..fcf3f753c 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -130,11 +130,6 @@ class UsersController < ApplicationController
 redirect_to edit_user_path
 end
- def auth_token
- current_user.ensure_authentication_token!
- render status: 200, json: {token: current_user.authentication_token}
- end
-
 private
 # rubocop:disable Metrics/MethodLength
diff --git a/app/models/user.rb b/app/models/user.rb
index 28813c604..70316e428 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -7,7 +7,6 @@ require "attr_encrypted"
 class User < ApplicationRecord
- include AuthenticationToken
 include Connecting
 include Querying
 include SocialActions
diff --git a/app/models/user/authentication_token.rb b/app/models/user/authentication_token.rb
deleted file mode 100644
index 7cee047c5..000000000
--- a/app/models/user/authentication_token.rb
+++ /dev/null 
@@ -1,28 +0,0 @@
-# frozen_string_literal: true
-
-class User
- module AuthenticationToken
- extend ActiveSupport::Concern
-
- # Generate new authentication token and save the record.
- def reset_authentication_token!
- self.authentication_token = self.class.authentication_token
- save(validate: false)
- end
-
- # Generate authentication token unless already exists and save the record.
- def ensure_authentication_token!
- reset_authentication_token! if authentication_token.blank?
- end
-
- module ClassMethods
- # Generate a token checking if one does not already exist in the database.
- def authentication_token
- loop do
- token = Devise.friendly_token(30)
- break token unless User.exists?(authentication_token: token)
- end
- end
- end
- end
-end
diff --git a/config/routes.rb b/config/routes.rb
index 30731e74e..040b2a12e 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -106,7 +106,6 @@ Rails.application.routes.draw do
 get :download_profile
 post :export_photos
 get :download_photos
- post :auth_token
 end
 controller :users do
diff --git a/db/migrate/20220227215443_remove_authentication_token_from_users.rb b/db/migrate/20220227215443_remove_authentication_token_from_users.rb
new file mode 100644
index 000000000..f87a2b8e1
--- /dev/null
+++ b/db/migrate/20220227215443_remove_authentication_token_from_users.rb
@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+class RemoveAuthenticationTokenFromUsers < ActiveRecord::Migration[5.2]
+ def change
+ remove_index :users, column: :authentication_token, name: :index_users_on_authentication_token, unique: true
+ remove_column :users, :authentication_token, :string, limit: 30
+ end
+end
diff --git a/spec/controllers/sessions_controller_spec.rb b/spec/controllers/sessions_controller_spec.rb
index ff00c6a5b..a77fdca56 100644
--- a/spec/controllers/sessions_controller_spec.rb
+++ b/spec/controllers/sessions_controller_spec.rb 
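Review bot: The migration permanently discards the `authentication_token` values, which is the right call for a credential that was stored in plaintext and indexed (see the removed `User::AuthenticationToken`), but nothing in the file says so; a reader seeing `change` may assume a rollback restores them, when it only re-creates an empty column. Suggested comment above `def change`: `# Tokens were long-lived plaintext bearer credentials; rollback re-creates an empty column, it cannot restore them.` Before merging, it is worth confirming that nothing outside this diff still reads the column or `params[:auth_token]` — the deleted users_controller_spec case exercised that parameter, and any Warden/Devise strategy or API documentation is not visible here, so this is a hedge rather than a finding. Clients that obtained a token through the removed `POST :auth_token` route lose access at deploy time, which the release notes should state.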
@@ -45,26 +45,4 @@ describe SessionsController, type: :controller do
 expect(response).to redirect_to root_path
 end
 end
-
- describe "#reset_authentication_token" do
- context "for a logged in user" do
- before do
- sign_in @user, scope: :user
- end
-
- it "succeeds" do
- expect { @controller.send(:reset_authentication_token) }.to_not raise_error
- end
- end
-
- context "for a logged out user" do
- before do
- sign_out :user
- end
-
- it "succeeds" do
- expect { @controller.send(:reset_authentication_token) }.to_not raise_error
- end
- end
- end
 end
diff --git a/spec/controllers/users_controller_spec.rb b/spec/controllers/users_controller_spec.rb
index bfa65578e..ead3bc9f0 100644
--- a/spec/controllers/users_controller_spec.rb
+++ b/spec/controllers/users_controller_spec.rb
@@ -275,13 +275,6 @@ describe UsersController, :type => :controller do
 get :edit, params: {id: @user.id}
 expect(assigns[:email_prefs]['mentioned']).to be false
 end
-
- it "does not allow token auth" do
- sign_out :user
- bob.reset_authentication_token!
- get :edit, params: {auth_token: bob.authentication_token}
- expect(response).to redirect_to new_user_session_path
- end
 end
 describe '#destroy' do
diff --git a/spec/models/user/authentication_token_spec.rb b/spec/models/user/authentication_token_spec.rb
deleted file mode 100644
index 73cce8fc3..000000000
--- a/spec/models/user/authentication_token_spec.rb
+++ /dev/null 
@@ -1,42 +0,0 @@
-# frozen_string_literal: true
-
-describe User::AuthenticationToken, type: :model do
- describe "#reset_authentication_token!" do
- it "sets the authentication token" do
- expect(alice.authentication_token).to be_nil
- alice.reset_authentication_token!
- expect(alice.authentication_token).not_to be_nil
- end
-
- it "resets the authentication token" do
- alice.reset_authentication_token!
- expect { alice.reset_authentication_token! }.to change { alice.authentication_token }
- end
- end
-
- describe "#ensure_authentication_token!" do
- it "doesn't change the authentication token" do
- alice.reset_authentication_token!
- expect { alice.ensure_authentication_token! }.to_not change { alice.authentication_token }
- end
-
- it "sets the authentication token if not yet set" do
- expect(alice.authentication_token).to be_nil
- alice.ensure_authentication_token!
- expect(alice.authentication_token).not_to be_nil
- end
- end
-
- describe ".authentication_token" do
- it "generates an authentication token" do
- expect(User.authentication_token.length).to eq(30)
- end
-
- it "checks that the authentication token is not yet in use by another user" do
- alice.reset_authentication_token!
- expect(Devise).to receive(:friendly_token).with(30).and_return(alice.authentication_token, "some_unused_token")
-
- expect(User.authentication_token).to eq("some_unused_token")
- end
- end
-end
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 5e0fbf0c6..9614308c1 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -954,7 +954,6 @@ describe User, type: :model do
 hidden_shareables
 last_sign_in_ip
 invited_by_id
- authentication_token
 auto_follow_back
 auto_follow_back_aspect_id
 unconfirmed_email
diff --git a/spec/support/account_matchers.rb b/spec/support/account_matchers.rb
index 7be32e7b5..1ccf5542c 100644
--- a/spec/support/account_matchers.rb
+++ b/spec/support/account_matchers.rb 
@@ -29,7 +29,7 @@ RSpec::Matchers.define :be_a_clear_account do
 match do |user|
 attributes = %i[
 language reset_password_token remember_created_at sign_in_count current_sign_in_at last_sign_in_at
- current_sign_in_ip last_sign_in_ip invited_by_id authentication_token unconfirmed_email confirm_email_token
+ current_sign_in_ip last_sign_in_ip invited_by_id unconfirmed_email confirm_email_token
 auto_follow_back auto_follow_back_aspect_id reset_password_sent_at last_seen color_theme
 ].map {|attribute| user[attribute] }