diff --git a/src/controllers/admin_controller.rs b/src/controllers/admin_controller.rs index 27f4df5..8c5cf1e 100644 --- a/src/controllers/admin_controller.rs +++ b/src/controllers/admin_controller.rs @@ -94,15 +94,26 @@ pub async fn users_route( .is_some(); user.admin = update.0.admin.is_some(); - let factors_to_keep = update.0.two_factor.split(';').collect::>(); - user.two_factor - .retain(|f| factors_to_keep.contains(&f.id.0.as_str())); - let res = users .send(users_actor::UpdateUserRequest(user.clone())) .await .unwrap(); + // Update the list of factors + let factors_to_keep = update.0.two_factor.split(';').collect::>(); + for factor in &user.two_factor { + if !factors_to_keep.contains(&factor.id.0.as_str()) { + logger.log(Action::AdminRemoveUserFactor(&user, factor)); + users + .send(users_actor::Remove2FAFactor( + user.uid.clone(), + factor.id.clone(), + )) + .await + .unwrap(); + } + } + // Update list of granted clients let granted_clients = match update.0.grant_type.as_str() { "all_clients" => GrantedClients::AllClients, diff --git a/src/data/action_logger.rs b/src/data/action_logger.rs index de7e1d6..3a951eb 100644 --- a/src/data/action_logger.rs +++ b/src/data/action_logger.rs @@ -19,6 +19,7 @@ pub enum Action<'a> { AdminUpdateUser(&'a User), AdminDeleteUser(&'a User), AdminResetUserPassword(&'a User), + AdminRemoveUserFactor(&'a User, &'a TwoFactor), AdminSetNewGrantedClientsList(&'a User, &'a GrantedClients), AdminClear2FAHistory(&'a User), LoginWebauthnAttempt { success: bool, user_id: UserID }, @@ -55,6 +56,11 @@ impl<'a> Action<'a> { user.quick_identity() ) } + Action::AdminRemoveUserFactor(user, factor) => format!( + "removed 2 factor ({}) of user ({})", + factor.quick_description(), + user.quick_identity() + ), Action::AdminClear2FAHistory(user) => { format!("cleared 2FA history of {}", user.quick_identity()) } 
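Review bot: In the new loop in `users_route`, `logger.log(Action::AdminRemoveUserFactor(&user, factor))` runs before `Remove2FAFactor` is sent, so the audit trail records a removal that has not happened yet and may never happen. The `.await.unwrap()` that follows only covers a failed send. The actor's reply is dropped, so if that reply can signal failure (its type is not visible here) the log and the stored state disagree. I would send first and log only once the reply confirms the removal, and I would replace the `unwrap()` with an error response, because a panic partway through the loop leaves some factors removed and others not. Since the `retain` call is gone, the local `user` still lists the removed factors after the loop; any later use of `user.two_factor` in this function, whose body starts and ends outside the hunk, would see stale data.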
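Review bot: The new `AdminRemoveUserFactor` arm writes `removed 2 factor (...)`, while the neighbouring arm in the same hunk writes `cleared 2FA history of ...`. Using one term, for example `"removed 2FA factor ({}) of user ({})"`, means a single search or alert pattern on the audit log matches every second-factor event. The `match` this arm belongs to starts and ends outside the hunk.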
@@ -111,10 +117,8 @@ impl<'a> Action<'a> { Action::ChangedHisPassword => "changed his password".to_string(), Action::ClearedHisLoginHistory => "cleared his login history".to_string(), Action::AddNewFactor(factor) => format!( - "added a new {} factor with name {} and id {:?} to his account", - factor.type_str(), - factor.name, - factor.id, + "added a new factor to his account : {}", + factor.quick_description(), ), Action::Removed2FAFactor { factor_id } => format!("Removed his factor {:?}", factor_id), } diff --git a/src/data/user.rs b/src/data/user.rs index 3bb6240..2b6dee6 100644 --- a/src/data/user.rs +++ b/src/data/user.rs @@ -45,6 +45,15 @@ pub struct TwoFactor { } impl TwoFactor { + pub fn quick_description(&self) -> String { + format!( + "#{} of type {} and name '{}'", + self.id.0, + self.type_str(), + self.name + ) + } + pub fn type_str(&self) -> &'static str { match self.kind { TwoFactorType::TOTP(_) => "Authenticator app",
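Review bot: `quick_description` interpolates `self.name` between plain single quotes with no escaping, and the result goes straight into the audit messages for `AdminRemoveUserFactor` and `AddNewFactor` in `action_logger.rs`. If the factor name is chosen by the account holder (likely, but the `TwoFactor` fields are outside the hunk), a name containing a quote or a line break could make one audit entry read as several, or blur where the name ends. Formatting the name with the debug formatter, `"#{} of type {} and name {:?}"`, escapes quotes and control characters. A one-line `///` comment saying the string is meant for audit log output would tell later callers why the escaping matters.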