diff --git a/bookwyrm/views/edit_user.py b/bookwyrm/views/edit_user.py
index c74b00c9..b97f2737 100644
--- a/bookwyrm/views/edit_user.py
+++ b/bookwyrm/views/edit_user.py
@@ -55,7 +55,6 @@ class DeleteUser(View):
     def post(self, request):
         """les get fancy with images"""
         form = forms.DeleteUserForm(request.POST, instance=request.user)
-        form.is_valid()
         # idk why but I couldn't get check_password to work on request.user
         user = models.User.objects.get(id=request.user.id)
         if form.is_valid() and user.check_password(form.cleaned_data["password"]):
diff --git a/bookwyrm/views/reports.py b/bookwyrm/views/reports.py
index 08330fa9..8246ae15 100644
--- a/bookwyrm/views/reports.py
+++ b/bookwyrm/views/reports.py
@@ -96,6 +96,26 @@ def unsuspend_user(_, user_id):
     return redirect("settings-user", user.id)
 
 
+@login_required
+@permission_required("bookwyrm_moderate_user")
+def moderator_delete_user(request, user_id):
+    """permanently delete a user"""
+    user = get_object_or_404(models.User, id=user_id)
+    form = forms.DeleteUserForm(request.POST, instance=user)
+
+    moderator = models.User.objects.get(id=request.user.id)
+    # check the moderator's password
+    if form.is_valid() and moderator.check_password(form.cleaned_data["password"]):
+        user.deactivation_reason = "moderator_deletion"
+        user.delete()
+        return redirect("settings-user", user.id)
+
+    form.errors["password"] = ["Invalid password"]
+
+    data = {"user": user, "group_form": forms.UserGroupForm(), "form": form}
+    return TemplateResponse(request, "user_admin/user.html", data)
+
+
 @login_required
 @permission_required("bookwyrm_moderate_post")
 def resolve_report(_, report_id):