diff --git a/.gitignore b/.gitignore
index 2d50efe..c43575e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
-*.retry
\ No newline at end of file
+*.retry
+.vaultpassword
\ No newline at end of file
diff --git a/README.md b/README.md
index 415d909..98653fc 100644
--- a/README.md
+++ b/README.md
@@ -3,7 +3,7 @@
 ## commande ansible
 
 ***launch playbook on staging***
-`ansible-playbook -i staging site.yml --ask-vault-pass`
+`ansible-playbook -i staging site.yml  --vault-password-file=.vaultpassword`
 
 ***init new role architecture***
 `ansible-galaxy user_config init `
@@ -11,6 +11,8 @@
 ***launch ansible bootstrap***
 ` ansible-playbook -i nas, bootstrap.yml -u root --ask-pass`
 
+*** encrypt string**
+` ansible-vault encrypt_string `
 
 
 ## Prerequis
diff --git a/group_vars/all b/group_vars/all/all
similarity index 100%
rename from group_vars/all
rename to group_vars/all/all
diff --git a/group_vars/all/all_vault b/group_vars/all/all_vault
new file mode 100644
index 0000000..9f3fb6a
--- /dev/null
+++ b/group_vars/all/all_vault
@@ -0,0 +1,7 @@
+$ANSIBLE_VAULT;1.1;AES256
+37316536616233313365623539323834623836653839376231383563323639616331386164343832
+3665663937376437323236396237616339616538643635610a643439343365613139623964623831
+66616430623239363436656538306232373339303737613531326463623662383566363662333230
+6338623736373834660a653136373963346265376639663836323537666332393831386662396361
+66396432393131373830666532646530393038353333663936613533363833343264326263326665
+6233323135383039626138656339363739643463373438353234
diff --git a/group_vars/workstation b/group_vars/workstation
index 235edf8..dd4dbe5 100644
--- a/group_vars/workstation
+++ b/group_vars/workstation
@@ -66,22 +66,10 @@ credentials_files:
         type: smb
         path: /etc/creds/.diskstation_credentials
         username: admin
-        password: !vault |
-                   $ANSIBLE_VAULT;1.1;AES256
-                   30633733333935656635616232623338613638616139303366313330366562323830613032383366
-                   3735306661306437626361653035326462633330643362300a366432393730653561363431313930
-                   64613130396636656461346164643033353735313363336638663331393532626132633233373330
-                   6332616435643530320a636366323634363363636566363665393064376138653666623563326330
-                   3536
+        password: "{{ vault_default_password }}"
     2:
         type: davfs
         path: /etc/davfs2/secrets
         adress: https://diskstation.ducamps.win:5006/home/keepass
         username: admin
-        password: !vault |
-                  $ANSIBLE_VAULT;1.1;AES256
-                  30633733333935656635616232623338613638616139303366313330366562323830613032383366
-                  3735306661306437626361653035326462633330643362300a366432393730653561363431313930
-                  64613130396636656461346164643033353735313363336638663331393532626132633233373330
-                  6332616435643530320a636366323634363363636566363665393064376138653666623563326330
-                  3536
+        password: "{{ vault_default_password }}"
\ No newline at end of file