diff --git a/.github/workflows/staging-create-infra.yml b/.github/workflows/staging-create-infra.yml
index 9b3bf3f6..963023d1 100644
--- a/.github/workflows/staging-create-infra.yml
+++ b/.github/workflows/staging-create-infra.yml
@@ -46,7 +46,7 @@ jobs:
       - run: |
           tar -cf terraform.tar /tmp/${{ inputs.TYPE }}
           echo "$SECRET_KEY" > /tmp/.secret_key
-          openssl enc -in terraform.tar -aes-256-cbc -md sha256 -pass file:/tmp/.secret_key -out terraform.tar.enc
+          openssl enc -in terraform.tar -aes-256-cbc -pbkdf2 -iter 100000 -pass file:/tmp/.secret_key -out terraform.tar.enc
           rm -f /tmp/.secret_key
         if: always()
         env:
diff --git a/.github/workflows/staging-delete-infra.yml b/.github/workflows/staging-delete-infra.yml
index b8dbf5bd..97646807 100644
--- a/.github/workflows/staging-delete-infra.yml
+++ b/.github/workflows/staging-delete-infra.yml
@@ -27,7 +27,7 @@ jobs:
           path: /tmp
       - run: |
           echo "$SECRET_KEY" > /tmp/.secret_key
-          openssl enc -d -in /tmp/terraform.tar.enc -aes-256-cbc -md sha256 -pass file:/tmp/.secret_key -out /tmp/terraform.tar
+          openssl enc -d -in /tmp/terraform.tar.enc -aes-256-cbc -pbkdf2 -iter 100000 -pass file:/tmp/.secret_key -out /tmp/terraform.tar
           rm -f /tmp/.secret_key
           tar xf /tmp/terraform.tar -C / && mkdir ~/.ssh && touch ~/.ssh/id_rsa.pub
         env:
diff --git a/.github/workflows/staging-tests.yml b/.github/workflows/staging-tests.yml
index 49e8d9dd..bae81a7c 100644
--- a/.github/workflows/staging-tests.yml
+++ b/.github/workflows/staging-tests.yml
@@ -50,14 +50,12 @@ jobs:
         if: inputs.TYPE == 'k8s'
       - run: |
           echo "$SECRET_KEY" > /tmp/.secret_key
-          openssl enc -d -in /tmp/terraform.tar.enc -aes-256-cbc -md sha256 -pass file:/tmp/.secret_key -out /tmp/terraform.tar
+          openssl enc -d -in /tmp/terraform.tar.enc -aes-256-cbc -pbkdf2 -iter 100000 -pass file:/tmp/.secret_key -out /tmp/terraform.tar 
           rm -f /tmp/.secret_key
           tar xf /tmp/terraform.tar -C /
         env:
           SECRET_KEY: ${{ secrets.SECRET_KEY }}
         if: inputs.TYPE == 'k8s'
-      - run: tar xvf /tmp/terraform.tar -C /
-        if: inputs.TYPE == 'k8s'
       - uses: azure/setup-kubectl@v3
         if: inputs.TYPE == 'k8s'
       - uses: azure/setup-helm@v3