diff --git a/modules/users.nix b/modules/users.nix
index 320a041..97cb2e0 100644
--- a/modules/users.nix
+++ b/modules/users.nix
@@ -31,9 +31,17 @@
       Restart = "always";
     };
   };
+  
+  home-manager.users.balsoft.xdg.configFile."Yubico/u2f_keys".text = "balsoft:CicONGIHB4jL1NuHA36oPlPn5qsAQgIjQKGTSC3F-XZEAWdRVBX0jr8I_PxbgQR6Ys1toFJhaXtqYjY__uVhgg,04f580832926c646e918123bd516851ac5bf7d54482c1e2eb05e0e3f6aae197e4fc4853a2760794cf597001498f1833b3d36015cafa5f61703f3fbf59b73e05eca";
 
   home-manager.users.balsoft.home.sessionVariables.XDG_RUNTIME_DIR = "/run/user/1000";
 
+  security.pam.u2f = {
+    control = "required";
+    interactive = true;
+    cue = true;
+    enable = true;
+  };
   security.sudo = {
     enable = true;
     extraConfig = ''
diff --git a/modules/workspace/misc.nix b/modules/workspace/misc.nix
index e04fa15..daa9272 100644
--- a/modules/workspace/misc.nix
+++ b/modules/workspace/misc.nix
@@ -15,14 +15,7 @@
     NIX_AUTO_RUN = "1";
   };
   services.atd.enable = true;
-  security.pam.services.sudo = {
-    u2fAuth = true;
-    unixAuth = true;
-  };
-  security.pam.u2f = {
-    control = "sufficient";
-    cue = true;
-  };
+
   home-manager.users.balsoft = {
     xdg.enable = true;