diff --git a/roles/base/tasks/crypto-policies.yml b/roles/base/tasks/crypto-policies.yml
index 7f2bb5f111..5c2d9bc8fe 100644
--- a/roles/base/tasks/crypto-policies.yml
+++ b/roles/base/tasks/crypto-policies.yml
@@ -17,8 +17,8 @@
   - base/crypto-policies
 
 - name: Set crypto-policy on fedora 33 and higher hosts to allow 2fa to work
-  command: "update-crypto-policies --set LEGACY"
-  when: "ansible_distribution_major_version|int >= 33 and (currentcryptopolicy.stdout.find('LEGACY') == -1 or cryptopolicyapplied.rc != 0)"
+  command: "update-crypto-policies --set DEFAULT:FEDORA32"
+  when: "ansible_distribution_major_version|int >= 33 and (currentcryptopolicy.stdout.find('DEFAULT:FEDORA32') == -1 or cryptopolicyapplied.rc != 0)"
   tags:
   - crypto-policies
   - base/crypto-policies
diff --git a/roles/base/templates/crypto-policies-config b/roles/base/templates/crypto-policies-config
deleted file mode 100644
index af05e9bc61..0000000000
--- a/roles/base/templates/crypto-policies-config
+++ /dev/null
@@ -1 +0,0 @@
-LEGACY