diff --git a/.sops.yaml b/.sops.yaml
index 02cc451..8d0d445 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -1,10 +1,8 @@
 keys:
- - &tdpeuter_Tibo-NixFatDesk age1fva6s64s884z0q2w7de024sp69ucvqu0pg9shrhhqsn3ewlpjfpsh6md7y
 - &tdpeuter_Tibo-NixTop age1qzutny0mqpcccqw6myyfntu6wcskruu9ghzvt6r4te7afkqwnguq05ex37
 creation_rules:
 - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
 key_groups:
 - age:
- - *tdpeuter_Tibo-NixFatDesk
 - *tdpeuter_Tibo-NixTop
diff --git a/users/admin/default.nix b/users/admin/default.nix
index 4038266..bc3ccc7 100644
--- a/users/admin/default.nix
+++ b/users/admin/default.nix
@@ -2,6 +2,8 @@
 let
 cfg = config.homelab.users.admin;
+
+ owner = config.users.users.admin.name;
 in {
 options.homelab.users.admin.enable = lib.mkEnableOption "user System Administrator";
@@ -10,6 +12,12 @@ in {
 config.users.users.admin.name
 ];
+ sops.secrets."users/admin/authorized_keys" = {
+ format = "yaml";
+ sopsFile = ../../secrets/secrets.yaml;
+ inherit owner;
+ };
+
 users.users.admin = {
 description = "System Administrator";
 isNormalUser = true;
@@ -17,9 +25,8 @@ in {
 config.users.groups.wheel.name # Enable 'sudo' for the user.
 ];
 initialPassword = "ChangeMe";
- openssh.authorizedKeys.keys = [
- # HomeLab > NixOS > admin > ssh
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGWIOOEqTy8cWKpENVbzD4p7bsQgQb/Dgpzk8i0dZ00T"
+ openssh.authorizedKeys.keyFiles = [
+ /run/secrets/users/admin/authorized_keys
 ];
 packages = with pkgs; [
 curl
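Review bot: The new `sops.secrets."users/admin/authorized_keys"` entry (second hunk of users/admin/default.nix) has to be decrypted on every host that enables this user, yet the `.sops.yaml` rule in this same commit is left with a single recipient, `tdpeuter_Tibo-NixTop`. Unless each target host already holds that age identity, activation there cannot decrypt `secrets/secrets.yaml`, and copying a personal key onto servers to make it work widens what a compromised host can read. I would add a per-host recipient to the rule and put a comment above the entry such as `# Decrypted at activation; this host's age identity must be a recipient in .sops.yaml`. Removing `tdpeuter_Tibo-NixFatDesk` from the rule also does not re-key files that already exist, so `sops updatekeys secrets/secrets.yaml` is still needed for the removal to take effect. The enclosing `config` block starts and ends outside the hunk.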
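Review bot: `openssh.authorizedKeys.keyFiles` in the last hunk is given the path literal `/run/secrets/users/admin/authorized_keys`, but NixOS reads `keyFiles` while evaluating the configuration and bakes the contents into the generated authorized-keys file, whereas the sops-nix secret only exists after activation on the target. Evaluation therefore either fails (pure or flake evaluation, or no such file on the build machine) or picks up whatever happens to sit at that path on the builder. If it does evaluate with a wrong or empty file, the `wheel` account would be left with `initialPassword = "ChangeMe"` (context line just above) as its only credential. An SSH public key needs no confidentiality, so I would keep `openssh.authorizedKeys.keys = [ "ssh-ed25519 <admin-public-key>" ];`. If the indirection is wanted, use `config.sops.secrets."users/admin/authorized_keys".path` in `services.openssh.authorizedKeysFiles` instead of a hard-coded `/run/secrets` path, bearing in mind that this setting is sshd-wide. The `users.users.admin` block starts and ends outside the hunk.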