diff --git a/docs/configuration/security.md b/docs/configuration/security.md
index b97f31432..cd32c344d 100644
--- a/docs/configuration/security.md
+++ b/docs/configuration/security.md
@@ -2,7 +2,7 @@
 
 ## ALLOW_TOKEN_RETRIEVAL
 
-Default: True
+Default: False
 
 If disabled, the values of API tokens will not be displayed after each token's initial creation. A user **must** record the value of a token prior to its creation, or it will be lost. Note that this affects _all_ users, regardless of assigned permissions.
 
diff --git a/netbox/netbox/settings.py b/netbox/netbox/settings.py
index 84b86ba13..5e25b4b53 100644
--- a/netbox/netbox/settings.py
+++ b/netbox/netbox/settings.py
@@ -56,7 +56,7 @@ for parameter in ('ALLOWED_HOSTS', 'DATABASE', 'SECRET_KEY', 'REDIS'):
 
 # Set static config parameters
 ADMINS = getattr(configuration, 'ADMINS', [])
-ALLOW_TOKEN_RETRIEVAL = getattr(configuration, 'ALLOW_TOKEN_RETRIEVAL', True)
+ALLOW_TOKEN_RETRIEVAL = getattr(configuration, 'ALLOW_TOKEN_RETRIEVAL', False)
 ALLOWED_HOSTS = getattr(configuration, 'ALLOWED_HOSTS')  # Required
 AUTH_PASSWORD_VALIDATORS = getattr(configuration, 'AUTH_PASSWORD_VALIDATORS', [
     {