diff --git a/README.md b/README.md
index 449e45a..4c0149b 100644
--- a/README.md
+++ b/README.md
@@ -4,3 +4,9 @@
 WINDOWS Ansible role to create a little base Setup for my Ansible Managed Windows 10 Enterprise Hosts
 
 ## Please not, this is my first windows role and highly experimental!
+
+ Requirements
+----------------
++ **Pass or gopass** is required to store passwords.
+  + See [ansible docs](https://docs.ansible.com/ansible/latest/collections/community/general/passwordstore_lookup.html)
+  + Have a password store setup. Either create a symlink from pass to gopass or use pass nativly.
diff --git a/defaults/main.yml b/defaults/main.yml
index 2531eff..0d98029 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,2 +1,2 @@
 ---
-win_base_init__ansible_password: ''
+win_base_init__pass_prefix: 'ansible/windows'
diff --git a/tasks/ansible_user.yml b/tasks/ansible_user.yml
index 9a01ad1..1726917 100644
--- a/tasks/ansible_user.yml
+++ b/tasks/ansible_user.yml
@@ -11,7 +11,7 @@
   ansible.windows.win_user:
     name: 'ansible'
     state: present
-    password:
+    password: "{{ lookup('community.general.passwordstore', win_base_init__pass_prefix + '/' + inventory_hostname + '/password create=true length=16 nosymbols=true')}}"
     account_disabled: false
     description: 'Account to run ansible commands at this WINDOWS host'
     groups_action: 'add'
diff --git a/tasks/main.yml b/tasks/main.yml
index 423d8f4..7c3b6ea 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,3 +1,5 @@
 ---
 - name: create Ansible Windows Group and User
   ansible.builtin.include_task: ansible_user.yml
+
+