diff --git a/nixos/configurations/Tytonidae/default.nix b/nixos/configurations/Tytonidae/default.nix
index 0e9a4da..a630ac7 100644
--- a/nixos/configurations/Tytonidae/default.nix
+++ b/nixos/configurations/Tytonidae/default.nix
@@ -96,6 +96,7 @@
     kernelPackages = pkgs.linuxPackages_zen;
     loader.systemd-boot.enable = true;
     loader.efi.canTouchEfiVariables = true;
+    initrd.systemd.enable = true;
   };
 
   # This value determines the NixOS release from which the default
diff --git a/nixos/configurations/Tytonidae/disk-config.nix b/nixos/configurations/Tytonidae/disk-config.nix
index f43eb7c..6549e97 100644
--- a/nixos/configurations/Tytonidae/disk-config.nix
+++ b/nixos/configurations/Tytonidae/disk-config.nix
@@ -30,7 +30,10 @@
                 passwordFile = "/tmp/secret.key";
                 settings = {
                   allowDiscards = true;
-                  fallbackToPassword = true;
+                  crypttabExtraOpts = [
+                    "fido2-device=auto"
+                    "token-timeout=10"
+                  ];
                 };
                 content = {
                   type = "swap";
@@ -59,7 +62,10 @@
                 passwordFile = "/tmp/secret.key";
                 settings = {
                   allowDiscards = true;
-                  fallbackToPassword = true;
+                  crypttabExtraOpts = [
+                    "fido2-device=auto"
+                    "token-timeout=10"
+                  ];
                 };
                 initrdUnlock = true;
                 extraFormatArgs = [
@@ -93,7 +99,10 @@
                 passwordFile = "/tmp/secret.key";
                 settings = {
                   allowDiscards = true;
-                  fallbackToPassword = true;
+                  crypttabExtraOpts = [
+                    "fido2-device=auto"
+                    "token-timeout=10"
+                  ];
                 };
                 initrdUnlock = true;
                 extraFormatArgs = [