diff --git a/sites/backend/src/models/confirmation.mjs b/sites/backend/src/models/confirmation.mjs
index 297c24f754b..f6684315e6e 100644
--- a/sites/backend/src/models/confirmation.mjs
+++ b/sites/backend/src/models/confirmation.mjs
@@ -91,6 +91,14 @@ ConfirmationModel.prototype.create = async function (data = {}) {
 return this.setResponse(201)
 }

+ConfirmationModel.prototype.unguardedDelete = async function () {
+ await this.prisma.confirmation.delete({ where: { id: this.record.id } })
+ this.record = null
+ this.clear = null
+
+ return this.setExists()
+}
+
 /*
 * Helper method to decrypt at-rest data
 */
diff --git a/sites/backend/src/models/user.mjs b/sites/backend/src/models/user.mjs
index 6804dc7dad3..7a43608be60 100644
--- a/sites/backend/src/models/user.mjs
+++ b/sites/backend/src/models/user.mjs
@@ -357,6 +357,9 @@ UserModel.prototype.confirm = async function ({ body, params }) {
 })
 if (this.error) return this

+ // Before we return, remove the confirmation so it works only once
+ await this.Confirmation.unguardedDelete()
+
 // Account is now active, let's return a passwordless login
 return this.loginOk()
 }
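Review bot: `unguardedDelete` reads `this.record.id` with no check that a record is loaded, so calling it on a model whose lookup found nothing throws a TypeError instead of setting an error state. Prisma's `delete` also rejects when no row matches the `where`, which is what a second use of the same confirmation would hit; `const { count } = await this.prisma.confirmation.deleteMany({ where: { id: this.record.id } })` does not reject and lets the caller tell whether this call actually removed the row. The name signals that no access check is made, so a header comment in the file's `/* ... */` style saying that callers must have verified the confirmation first would help the next reader.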
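Review bot: The single-use guarantee added in `confirm` is check-then-delete rather than atomic: the confirmation is removed only after the account update just above has run, so two requests carrying the same confirmation that arrive close together can both pass the earlier checks and both apply the update before either delete lands. The outcome of `unguardedDelete()` is also not inspected, unlike the `if (this.error) return this` guard right before it, so a failed delete either throws after the account is already active or leaves a reusable confirmation behind. Consider consuming the confirmation first and continuing only if this request removed it, or running the account update and the delete in one Prisma `$transaction`. The start of `confirm` is outside this hunk, so the earlier validation steps are inferred rather than seen.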