diff --git a/mysql/tasks/main.yml b/mysql/tasks/main.yml
index f6ba3dccb714f5f1b1160627acf1bc1acc929356..39c9384f8d71773d1d32ad484aa1212ea86a2a77 100644
--- a/mysql/tasks/main.yml
+++ b/mysql/tasks/main.yml
@@ -29,20 +29,12 @@
     - service
     - mysql
 
-- name: get or create the mysql root password
-  local_action: pass name="db/{{ ansible_hostname }}-mysql" state=present generate=20 store=FSMPI_PASSWORD_STORE_DIR limit=yes
-  register: mysql_root_password
-  no_log: True
-  tags:
-    - password
-    - mysql
-
 - name: ensure the mysql root user exists and has the correct password
   mysql_user:
     name: root
-    password: "{{ mysql_root_password.password }}"
+    password: "{{ lookup('passwordstore', 'db/{{ ansible_hostname }}-mysql create=true length=20') }}"
     login_user: root
-    login_password: "{{ mysql_root_password.password }}"
+    login_password: "{{ lookup('passwordstore', 'db/{{ ansible_hostname }}-mysql create=true length=20') }}"
   register: mysql_root_creation_result
   no_log: True
   ignore_errors: yes
@@ -53,7 +45,7 @@
 - name: initialize the mysql root user
   mysql_user:
     name: root
-    password: "{{ mysql_root_password.password }}"
+    password: "{{ lookup('passwordstore', 'db/{{ ansible_hostname }}-mysql create=true length=20') }}"
   no_log: True
   when: mysql_root_creation_result|failed
   tags: