diff --git a/instances/sif/configuration.nix b/instances/sif/configuration.nix
index 8e419a4..43ca507 100644
--- a/instances/sif/configuration.nix
+++ b/instances/sif/configuration.nix
@@ -353,32 +353,23 @@
   '';
   security.pam.services = {
     xscreensaver.fprintAuth = true;
-    gdm = {
-      enableGnomeKeyring = true;
-      fprintAuth = true;
-    };
-    sudo = {
-      fprintAuth = true;
-      rootOK = true;
-      forwardXAuth = true;
-      logFailures = true;
-      text = ''
-        auth            sufficient      pam_rootok.so
-        # Uncomment the following line to implicitly trust users in the "wheel" group.
-        #auth           sufficient      pam_wheel.so trust use_uid
-        # Uncomment the following line to require a user to be in the "wheel" group.
-        auth            required        pam_wheel.so use_uid
-        auth            required        pam_unix.so
-        account         required        pam_unix.so
-        session         required        pam_unix.so
-      '';
-      # enableGnomeKeyring = true;
-      # text = ''
-      #   auth		include		system-auth-fprintd
-      #   account		include		system-auth
-      #   session		include		system-auth
-      # '';
-    };
+    gdm = { enableGnomeKeyring = true; fprintAuth = true; };
+    # sudo = {
+    #   fprintAuth = true;
+    #   rootOK = true;
+    #   forwardXAuth = true;
+    #   logFailures = true;
+    #   text = ''
+    #     auth    [success=ok default=bad]  pam_unix.so nullok_secure
+    #     auth    [success=2 default=bad]   pam_fprintd.so
+    #   '';
+    #   # enableGnomeKeyring = true;
+    #   # text = ''
+    #   #   auth		include		system-auth-fprintd
+    #   #   account		include		system-auth
+    #   #   session		include		system-auth
+    #   # '';
+    # };
   };
 
   nixpkgs.config = {