diff --git a/uffd/invite/views.py b/uffd/invite/views.py
index c647e5dc626c5200311889004be9e1a0d7a12f2b..4a1e7b4ce0fe32ab24d849bfd457e2a6e917accf 100644
--- a/uffd/invite/views.py
+++ b/uffd/invite/views.py
@@ -102,17 +102,6 @@ def reset(invite_id):
 	db.session.commit()
 	return redirect(url_for('.index'))
 
-# Deprecated
-@bp.route('/<token>')
-def use_legacy(token):
-	matching_invite = None
-	for invite in Invite.query.filter(Invite.valid_until > datetime.datetime.now().replace(second=0, microsecond=0)):
-		if secrets.compare_digest(invite.token, token):
-			matching_invite = invite
-	if not matching_invite:
-		abort(404)
-	return redirect(url_for('invite.use', invite_id=matching_invite.id, token=token))
-
 @bp.route('/<int:invite_id>/<token>')
 def use(invite_id, token):
 	invite = Invite.query.get(invite_id)
diff --git a/uffd/selfservice/views.py b/uffd/selfservice/views.py
index b194ceca1aeced8b1f637bdbd824d68a12293b67..2be17e32064f6c6a1d944e6469a7d516ce9cd155 100644
--- a/uffd/selfservice/views.py
+++ b/uffd/selfservice/views.py
@@ -79,19 +79,6 @@ def forgot_password():
 		send_passwordreset(user)
 	return redirect(url_for('session.login'))
 
-# Deprecated
-@bp.route('/token/password/<token>')
-def token_password_legacy(token):
-	matching_token = None
-	filter_expr = PasswordToken.created >= (datetime.datetime.now() - datetime.timedelta(days=2))
-	for dbtoken in PasswordToken.query.filter(filter_expr):
-		if secrets.compare_digest(dbtoken.token, token):
-			matching_token = dbtoken
-	if not matching_token:
-		flash(_('Token expired, please try again.'))
-		return redirect(url_for('session.login'))
-	return redirect(url_for('token_password', token_id=matching_token.id, token=token))
-
 @bp.route("/token/password/<int:token_id>/<token>", methods=(['POST', 'GET']))
 def token_password(token_id, token):
 	dbtoken = PasswordToken.query.get(token_id)
@@ -120,19 +107,6 @@ def token_password(token_id, token):
 	db.session.commit()
 	return redirect(url_for('session.login'))
 
-# Deprecated
-@bp.route("/token/mail_verification/<token>")
-def token_mail_legacy(token):
-	matching_token = None
-	filter_expr = MailToken.created >= (datetime.datetime.now() - datetime.timedelta(days=2))
-	for dbtoken in MailToken.query.filter(filter_expr):
-		if secrets.compare_digest(dbtoken.token, token):
-			matching_token = dbtoken
-	if not matching_token:
-		flash(_('Token expired, please try again.'))
-		return redirect(url_for('session.login'))
-	return redirect(url_for('mail_password', token_id=matching_token.id, token=token))
-
 @bp.route("/token/mail_verification/<int:token_id>/<token>")
 @login_required(selfservice_acl_check)
 def token_mail(token_id, token):
diff --git a/uffd/signup/views.py b/uffd/signup/views.py
index d5c3ddcffb311179730f3cf555b0bf18894a0355..88cda5f991b12dc52ccafc9e506922007c44cb6c 100644
--- a/uffd/signup/views.py
+++ b/uffd/signup/views.py
@@ -1,6 +1,5 @@
 import functools
 import secrets
-import datetime
 
 from flask import Blueprint, render_template, request, redirect, url_for, flash, current_app, jsonify
 from flask_babel import gettext as _
@@ -70,19 +69,6 @@ def signup_submit():
 	signup_ratelimit.log(request.form['mail'])
 	return render_template('signup/submitted.html', signup=signup)
 
-# Deprecated
-@bp.route('/confirm/<token>')
-def signup_confirm_legacy(token):
-	matching_signup = None
-	filter_expr = Signup.created >= (datetime.datetime.now() - datetime.timedelta(hours=48))
-	for signup in Signup.query.filter(filter_expr):
-		if secrets.compare_digest(signup.token, token):
-			matching_signup = signup
-	if not matching_signup:
-		flash(_('Invalid signup link'))
-		return redirect(url_for('session.login'))
-	return redirect(url_for('signup.signup_confirm', signup_id=matching_signup.id, token=token))
-
 # signup_confirm* views are always accessible so other modules (e.g. invite) can reuse them
 @bp.route('/confirm/<int:signup_id>/<token>')
 def signup_confirm(signup_id, token):