diff --git a/tasks/2fa_client.yml b/tasks/2fa_client.yml
index 7625688bdf..8106193021 100644
--- a/tasks/2fa_client.yml
+++ b/tasks/2fa_client.yml
@@ -3,16 +3,19 @@
   package: name=pam_url state=present
   tags:
   - packages
+  - 2fa
 
 - name: /etc/pki/tls/private/totpcgi.pem
   copy: src="{{ private }}/files/2fa-certs/keys/{{ inventory_hostname }}.pem" dest=/etc/pki/tls/private/totpcgi.pem mode=0400
   tags:
   - config
+  - 2fa
 
 - name: /etc/pki/tls/private/totpcgi-ca.cert
   copy: src="{{ private }}/files/2fa-certs/keys/ca.crt" dest=/etc/pki/tls/private/totpcgi-ca.cert mode=0400
   tags:
   - config
+  - 2fa
 
 - name: /etc/pam_url.conf - split for staging/phx2/everyone else
   template: src={{ item }} dest=/etc/pam_url.conf mode=0644
@@ -24,6 +27,7 @@
   tags:
   - config
   - pam_url
+  - 2fa
 
 - name: /etc/pam.d/sudo
   copy: src={{ item }} dest=/etc/pam.d/sudo mode=0644
@@ -33,5 +37,4 @@
   - "{{ files }}/2fa/sudo.pam"
   tags:
   - config
-
-
+  - 2fa