diff --git a/services/fprintd.nix b/services/fprintd.nix
index 933e202..c5ab3a3 100644
--- a/services/fprintd.nix
+++ b/services/fprintd.nix
@@ -5,25 +5,13 @@
 }:
 with lib;
 mkIf (elem "fprintd" config.machine.services) {
-  security.pam.services =
-    let
-      unlock = [
-        "sudo"
-        "i3lock"
-        "login"
-        "lightdm"
-      ];
-    in
-    listToAttrs (
-      forEach unlock (n: {
-        name = n;
-        value = {
-          fprintAuth = true;
-        };
-      })
-    );
-
   services.fprintd = {
     enable = true;
   };
+
+  # Do not allow login/unlock with fingerprint
+  security.pam.services = {
+    "login".fprintAuth = false;
+    "swaylock".fprintAuth = false;
+  };
 }
diff --git a/services/impermanence.nix b/services/impermanence.nix
index 4d9eb69..2cd118f 100644
--- a/services/impermanence.nix
+++ b/services/impermanence.nix
@@ -49,6 +49,7 @@ in
       ++ optional config.services.nginx.enable "/var/www"
       ++ optional config.services.forgejo.enable "/var/lib/forgejo"
       ++ optional config.services.radicale.enable config.services.radicale.settings.storage.filesystem_folder
+      ++ optional config.services.fprintd.enable "/var/lib/fprint"
       ++ optionals config.mailserver.enable [
         "/var/lib/dovecot"
         "/var/vmail"