diff --git a/dashboard/src/components/UserDialog.vue b/dashboard/src/components/UserDialog.vue
index 27d806bab..4f7aa5576 100644
--- a/dashboard/src/components/UserDialog.vue
+++ b/dashboard/src/components/UserDialog.vue
@@ -28,6 +28,7 @@ const roles = ref([]);
 const profile = ref({});
 const busy = ref(false);
 const profileLocked = ref(false);
+const external2FA = ref(false);
 const formError = ref({});
 const displayName = ref('');
 const email = ref('');
@@ -41,6 +42,19 @@ const allLocalGroups = ref([]);
 const active = ref(true);
 const sendInvite = ref(false);
 const isSelf = ref(false);
+const reset2FABusy = ref(false);
+
+async function onReset2FA() {
+  if (!user.value) return;
+
+  reset2FABusy.value = true;
+
+  const [error] = await usersModel.disableTwoFactorAuthentication(user.value.id);
+  if (error) return console.error(error);
+
+  user.value.twoFactorAuthenticationEnabled = false;
+  reset2FABusy.value = false;
+}
 
 async function onSubmit() {
   if (!form.value.reportValidity()) return;
@@ -175,6 +189,7 @@ defineExpose({
     [error, result] = await dashboardModel.config();
     if (error) return console.error(error);
     profileLocked.value = result.profileLocked;
+    external2FA.value = result.external2FA;
 
     dialog.value.open();
   }
@@ -190,6 +205,10 @@ defineExpose({
     :confirm-active="!busy"
      reject-style="secondary"
     :reject-label="busy ? null : $t('main.dialog.cancel')"
+    :alternate-style="secondary"
+    :alternate-label="(user && user.twoFactorAuthenticationEnabled && !(user.source && external2FA)) ? $t('users.passwordResetDialog.reset2FAAction') : null"
+    :alternate-busy="reset2FABusy"
+    @alternate="onReset2FA()"
     @confirm="onSubmit()"
   >
     <p class="text-warning" v-if="user && user.source">{{ $t('users.editUserDialog.externalLdapWarning') }}</p>
diff --git a/dashboard/src/models/UsersModel.js b/dashboard/src/models/UsersModel.js
index 77bbfa494..01c807593 100644
--- a/dashboard/src/models/UsersModel.js
+++ b/dashboard/src/models/UsersModel.js
@@ -168,6 +168,17 @@ function create() {
       if (result.status !== 200) return [result];
       return [null, result.body.inviteLink];
     },
+    async disableTwoFactorAuthentication(id) {
+      let result;
+      try {
+        result = await fetcher.post(`${API_ORIGIN}/api/v1/users/${id}/twofactorauthentication_disable`, {}, { access_token: accessToken });
+      } catch (e) {
+        return [e];
+      }
+
+      if (result.status !== 200) return [result];
+      return [null];
+    },
   };
 }