diff --git a/modules/secret/secret.go b/modules/secret/secret.go
index e70ae1839c..e3557b91b9 100644
--- a/modules/secret/secret.go
+++ b/modules/secret/secret.go
@@ -47,7 +47,7 @@ func AesDecrypt(key, text []byte) ([]byte, error) {
 	cfb.XORKeyStream(text, text)
 	data, err := base64.StdEncoding.DecodeString(string(text))
 	if err != nil {
-		return nil, fmt.Errorf("AesDecrypt invalid decrypted base64 string: %w", err)
+		return nil, fmt.Errorf("AesDecrypt invalid decrypted base64 string: %w - it can be caused by a change of the [security].SECRET_KEY setting or a database corruption - `forgejo doctor check --run check-db-consistency --fix` will get rid of orphaned rows found in the `two_factor` table and may fix this problem if they are the one with the invalid content", err)
 	}
 	return data, nil
 }
diff --git a/release-notes/6639.md b/release-notes/6639.md
new file mode 100644
index 0000000000..1bc01c12a3
--- /dev/null
+++ b/release-notes/6639.md
@@ -0,0 +1 @@
+Teach the doctor to remove orphaned two_factor with `forgejo doctor check --run check-db-consistency --fix`. Such rows may contain invalid data and [block the migration to v10](https://codeberg.org/forgejo/forgejo/issues/6637) with a message such as `failed: AesDecrypt invalid decrypted base64 string: illegal base64 data at input byte 0`.
diff --git a/services/doctor/dbconsistency.go b/services/doctor/dbconsistency.go
index 80f538d670..9e2fcb645f 100644
--- a/services/doctor/dbconsistency.go
+++ b/services/doctor/dbconsistency.go
@@ -246,6 +246,9 @@ func checkDBConsistency(ctx context.Context, logger log.Logger, autofix bool) er
 		// find authorization tokens without existing user
 		genericOrphanCheck("Authorization token without existing User",
 			"forgejo_auth_token", "user", "forgejo_auth_token.uid=`user`.id"),
+		// find two_factor without existing user
+		genericOrphanCheck("Orphaned TwoFactor without existing User",
+			"two_factor", "user", "`two_factor`.uid=`user`.id"),
 	)
 
 	for _, c := range consistencyChecks {