diff --git a/keyserver/src/deleters/account-deleters.js b/keyserver/src/deleters/account-deleters.js
--- a/keyserver/src/deleters/account-deleters.js
+++ b/keyserver/src/deleters/account-deleters.js
@@ -1,7 +1,6 @@
 // @flow
 
 import { getRustAPI } from 'rust-node-addon';
-import bcrypt from 'twin-bcrypt';
 
 import type {
   LogOutResponse,
@@ -34,24 +33,6 @@
     throw new ServerError('not_logged_in');
   }
 
-  if (request) {
-    const hashQuery = SQL`SELECT hash FROM users WHERE id = ${viewer.userID}`;
-    const [result] = await dbQuery(hashQuery);
-    if (result.length === 0) {
-      throw new ServerError('internal_error');
-    }
-    const row = result[0];
-    const requestPasswordConsistentWithDB = !!row.hash === !!request.password;
-    const shouldValidatePassword = !!row.hash;
-    if (
-      !requestPasswordConsistentWithDB ||
-      (shouldValidatePassword &&
-        !bcrypt.compareSync(request.password, row.hash))
-    ) {
-      throw new ServerError('invalid_credentials');
-    }
-  }
-
   const deletedUserID = viewer.userID;
   await rescindPushNotifs(SQL`n.user = ${deletedUserID}`, SQL`NULL`);
   const knownUserInfos = await fetchKnownUserInfos(viewer);
diff --git a/lib/types/account-types.js b/lib/types/account-types.js
--- a/lib/types/account-types.js
+++ b/lib/types/account-types.js
@@ -80,7 +80,7 @@
 };
 
 export type DeleteAccountRequest = {
-  +password: ?string,
+  +password?: ?string,
 };
 
 export const logInActionSources = Object.freeze({