diff --git a/flake.nix b/flake.nix
index d868440..b2c98f0 100644
--- a/flake.nix
+++ b/flake.nix
@@ -40,6 +40,11 @@
 url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
 inputs.nixpkgs.follows = "nixpkgs";
 };
+
+ sops-nix = {
+ url = "github:Mic92/sops-nix";
+ inputs.nixpkgs.follows = "nixpkgs";
+ };
 };
 outputs = {
@@ -92,6 +97,7 @@
 inputs.stylix.nixosModules.stylix
 inputs.nix-ld.nixosModules.nix-ld
+ inputs.sops-nix.nixosModules.sops
 ];
 };
 leanix = nixpkgs.lib.nixosSystem {
diff --git a/zenith/configuration.nix b/zenith/configuration.nix
index 2cb054f..7f01ce3 100644
--- a/zenith/configuration.nix
+++ b/zenith/configuration.nix
@@ -22,9 +22,9 @@
 sops.age.keyFile = "/home/foglar/.config/sops/age/keys.txt";
- sops.secrets.email = {};
- #sops.secrets.email.owner = config.users.users.foglar.name;
- #sops.secrets.email.group = config.users.users.foglar.group;
+ sops.secrets."zenith/password-hash" = {
+ neededForUsers = true;
+ };
 # Home manager
 home-manager = {
@@ -33,7 +33,10 @@
 users = {
 ${userSettings.username} = import ./home.nix;
 };
- sharedModules = [inputs.plasma-manager.homeManagerModules.plasma-manager];
+ sharedModules = [
+ inputs.sops-nix.homeManagerModules.sops
+ inputs.plasma-manager.homeManagerModules.plasma-manager
+ ];
 };
 # User configuration
@@ -41,6 +44,7 @@
 isNormalUser = true;
 description = "${userSettings.username}";
 extraGroups = ["wheel"];
+ hashedPasswordFile = "${config.sops.secrets."zenith/password-hash".path}";
 };
 # Bootloader
diff --git a/zenith/secrets/secrets.yaml b/zenith/secrets/secrets.yaml
index 1d9dbd9..b4afe7c 100644
--- a/zenith/secrets/secrets.yaml
+++ b/zenith/secrets/secrets.yaml
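Review bot: The secret added in the first `zenith/configuration.nix` hunk is marked `neededForUsers = true`, so it has to be decrypted early in activation, before users are created, yet the context line above it still points `sops.age.keyFile` at `/home/foglar/.config/sops/age/keys.txt`. If `/home` is a separate filesystem or is not mounted at that stage, decryption will presumably fail and the account is left without a usable password. A key kept in the user's home is also normally readable by every process running as that user, which is the same account whose login hash it protects. Consider a root-only host key path, e.g. `sops.age.keyFile = "/var/lib/sops-nix/key.txt";`, or mark the filesystem holding the key as `neededForBoot`. The enclosing attribute set starts and ends outside the hunk.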
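Review bot: `hashedPasswordFile` in the last `zenith/configuration.nix` hunk replaces the password of an already existing account only when `users.mutableUsers = false`; with the default (`true`) NixOS documents that the password options are applied only when the user is first created, so on an installed machine the sops-managed hash may silently not be in effect. `users.mutableUsers` is not visible in this diff, so confirm which mode the host uses and add a comment next to the option saying so. The string interpolation is also redundant: `hashedPasswordFile = config.sops.secrets."zenith/password-hash".path;` is equivalent. The enclosing user attribute set starts outside the hunk.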
@@ -1,4 +1,7 @@
-email: ENC[AES256_GCM,data:B0I7UzBKR18oImVpzq3RhV4y8tLhAZWph7R0Rw==,iv:xxgH1jWLC5u+FqhnswqHQCRbdSN1M8/ou7jFChOHROg=,tag:EhiKsfWhKdTg7p6uH5H5MQ==,type:str]
+zenith:
+ password-hash: ENC[AES256_GCM,data:J0OpGQHKugEvDMJJsLApO4JFmAM4e01WODyonrwUinND/MpzxAjbozlMrDQqb8Lghay3RTOCrslizYIYOkNwUU+MhyFlTAbF7Q==,iv:J4PXhVAUcv1QSycdvQL2jb/IcayyXVdfiJDHiNUalXk=,tag:bm4N8mq/6QUdzwOcy6WVaw==,type:str]
+leanix:
+ password-hash: ENC[AES256_GCM,data:C5oGejwFkhhYvaDunG0AF9PcCKTQQA//uqi1LaWwEwOphepROoP9d1r1vD8k2cgcrikVSX4NQUBca6fQrqZTXMuxZKBxslE2Fw==,iv:oM2pWAifpCEpTRiGKbbG/QdQ0m8YaoyESzD3rIZkvmc=,tag:W+w3Bbtr8rBfp6SjYwcW0Q==,type:str]
 sops:
 kms: []
 gcp_kms: []
@@ -14,8 +17,8 @@ sops:
 T0cxV21SN0hJaFg3R3hpTjIxa3lJNVEKdIrR5XDHxpCojk2A1pxc4dYtSJRrObbY
 JS/nDgu74LugEchiOhuIJ7nh3MS5XBOmmt2GTHrqxZEZFoIykjIGug==
 -----END AGE ENCRYPTED FILE-----
- lastmodified: "2024-12-23T10:12:18Z"
- mac: ENC[AES256_GCM,data:qnGM3IBvkly+LdfxU+wKeLUsNrlNJ3SfhobFM9qbPAsh1K3Wv+6S55V2E2rzf33syJ7gm32h++/pJxK7mJHx9BjkPHxcJ3d8g0B8cG364DANbANoG6MMIgnUTPZxV2eLEtEdta0tNIaQkQrEhEUGpc2Mc1nmaU6nxWt9RurR84Y=,iv:hzmiGfnnqm622phgafgnnr9lweE87trcXDDTlqgs4U4=,tag:9csc86pL9rB6hV1uYphWZQ==,type:str]
+ lastmodified: "2024-12-23T18:49:40Z"
+ mac: ENC[AES256_GCM,data:fWWZ3+RnGkQYP1R7q47JyB6NXHKG+D+y+qaB7i+uGfHsIf6VCkerO/ITCk4WSkvsXJDpB9mZWp2ciYypcDAHuBOlZzLscf/et9xDoDhXdM7MgRsX3fA9oeK9Q8D83cUptELlfXKU0Kvs02fAjbDrbwx5rdUtcUxfPNjW2X5lJ3o=,iv:5UwqRhZnj+u29O+x+KjxZJ9x1hcKuuZlnFYbgFnjkTs=,tag:w/z8u8PYkcW7etYg7y6y8w==,type:str]
 pgp: []
 unencrypted_suffix: _unencrypted
 version: 3.9.2
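Review bot: This file under `zenith/secrets/` now also carries `leanix.password-hash`, and sops encrypts every value in a file under one data key, so any recipient that can decrypt it for zenith can also read the leanix hash. The recipient list is only partly visible here, so the exact exposure is inferred. A per-host secrets file, selected with `sops.defaultSopsFile` or a per-secret `sopsFile` and encrypted only to that host's key, would keep each machine's credentials separate.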