diff --git a/ansible.cfg.script b/ansible.cfg.script
index e43528744bea536e2b8a07312949fd457b1e489a..21dcbd50a9394079edaf14437448011ffeabead8 100644
--- a/ansible.cfg.script
+++ b/ansible.cfg.script
@@ -140,7 +140,7 @@ callback_whitelist = timer, profile_tasks
 
 # If set, configures the path to the Vault password file as an alternative to
 # specifying --vault-password-file on the command line.
-vault_password_file = ./vault/passwords
+#vault_password_file = ./vault/passwords
 
 # format of string {{ ansible_managed }} available within Jinja2
 # templates indicates to users editing templates files will be replaced.
diff --git a/roles/user-provisioning/user-provisioning/tasks/main.yml b/roles/user-provisioning/user-provisioning/tasks/main.yml
index f2fe29c265d8169d96de103238c929eab7534ed8..a9228706eb62087987da1aa9eb8b4cb0e0cdd2b7 100644
--- a/roles/user-provisioning/user-provisioning/tasks/main.yml
+++ b/roles/user-provisioning/user-provisioning/tasks/main.yml
@@ -33,11 +33,6 @@
   include_tasks: default-user.yml
   when: remove_default_user
 
-- name: Set the root password
-  user:
-    name: root
-    password: "{{ root_password_hash }}"
-
 - name: Restrict SSH root access
   block:
     - name: Remove root SSH keys if some are present