diff --git a/libraries/access-token-encryptor/lib/js/AccessTokenEncryptor.js b/libraries/access-token-encryptor/lib/js/AccessTokenEncryptor.js
index aa5ca0168d..5e4140d426 100644
--- a/libraries/access-token-encryptor/lib/js/AccessTokenEncryptor.js
+++ b/libraries/access-token-encryptor/lib/js/AccessTokenEncryptor.js
@@ -3,9 +3,6 @@ const logger = require('@overleaf/logger')
 
 const ALGORITHM = 'aes-256-ctr'
 
-const keyFn = (password, salt, callback) =>
-  crypto.pbkdf2(password, salt, 10000, 64, 'sha1', callback)
-
 const keyFn32 = (password, salt, keyLength, callback) =>
   crypto.pbkdf2(password, salt, 10000, 32, 'sha1', callback)
 
@@ -61,35 +58,10 @@ class AccessTokenEncryptor {
     if (!password || password.length < 16) {
       return callback(new Error('invalid password'))
     }
-
-    if (iv) {
-      this.decryptToJsonV2(password, salt, cipherText, iv, callback)
-    } else {
-      this.decryptToJsonV1(password, salt, cipherText, callback)
+    if (!iv) {
+      return callback(new Error('token scheme v1 is not supported anymore'))
     }
-  }
 
-  decryptToJsonV1(password, salt, cipherText, callback) {
-    keyFn(password, Buffer.from(salt, 'hex'), (err, key) => {
-      let json
-      if (err) {
-        logger.err({ err }, 'error getting Fn key')
-        return callback(err)
-      }
-      // eslint-disable-next-line n/no-deprecated-api
-      const decipher = crypto.createDecipher(ALGORITHM, key)
-      const dec =
-        decipher.update(cipherText, 'base64', 'utf8') + decipher.final('utf8')
-      try {
-        json = JSON.parse(dec)
-      } catch (e) {
-        return callback(new Error('error decrypting token'))
-      }
-      callback(null, json, true)
-    })
-  }
-
-  decryptToJsonV2(password, salt, cipherText, iv, callback) {
     keyFn32(password, Buffer.from(salt, 'hex'), 32, (err, key) => {
       let json
       if (err) {
diff --git a/libraries/access-token-encryptor/test/unit/js/AccessTokenEncryptorTests.js b/libraries/access-token-encryptor/test/unit/js/AccessTokenEncryptorTests.js
index 2dab88b12a..6ce394805e 100644
--- a/libraries/access-token-encryptor/test/unit/js/AccessTokenEncryptorTests.js
+++ b/libraries/access-token-encryptor/test/unit/js/AccessTokenEncryptorTests.js
@@ -72,18 +72,20 @@ describe('AccessTokenEncryptor', function () {
       })
     })
 
-    it('should decrypt an 2015 string to get the same object', function (done) {
+    it('should not be able to decrypt 2015 string', function (done) {
       this.encryptor.decryptToJson(this.encrypted2015, (err, decrypted) => {
-        expect(err).to.be.null
-        expect(decrypted).to.deep.equal(this.testObject)
+        expect(err).to.exist
+        expect(err.message).to.equal('token scheme v1 is not supported anymore')
+        expect(decrypted).to.not.exist
         done()
       })
     })
 
-    it('should decrypt an 2016 string to get the same object', function (done) {
+    it('should not be able to decrypt a 2016 string', function (done) {
       this.encryptor.decryptToJson(this.encrypted2016, (err, decrypted) => {
-        expect(err).to.be.null
-        expect(decrypted).to.deep.equal(this.testObject)
+        expect(err).to.exist
+        expect(err.message).to.equal('token scheme v1 is not supported anymore')
+        expect(decrypted).to.not.exist
         done()
       })
     })