diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb
index ad5832dad..c6d13d417 100644
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -25,6 +25,7 @@ class AccountController < ApplicationController
 
   # prevents login action to be filtered by check_if_login_required application scope filter
   skip_before_action :check_if_login_required, :check_password_change
+  skip_before_action :check_twofa_activation, :only => :logout
 
   # Overrides ApplicationController#verify_authenticity_token to disable
   # token verification on openid callbacks
diff --git a/test/integration/twofa_test.rb b/test/integration/twofa_test.rb
index 36412a7c2..a787e2770 100644
--- a/test/integration/twofa_test.rb
+++ b/test/integration/twofa_test.rb
@@ -43,6 +43,19 @@ class TwofaTest < Redmine::IntegrationTest
     end
   end
 
+  test 'should allow logout even if twofa setup is required' do
+    with_settings twofa: '2' do
+      log_user('jsmith', 'jsmith')
+      follow_redirect!
+      assert_redirected_to '/my/twofa/totp/activate/confirm'
+      follow_redirect!
+      post '/logout'
+      assert_redirected_to '/'
+      follow_redirect!
+      assert_response :success
+    end
+  end
+
   test "should generate and accept backup codes" do
     log_user('jsmith', 'jsmith')
     get "/my/account"