diff --git a/src/domains/selfcare/_modules/app_services/locals.tf b/src/domains/selfcare/_modules/app_services/locals.tf
index 3f3a4a95b..fd948714a 100644
--- a/src/domains/selfcare/_modules/app_services/locals.tf
+++ b/src/domains/selfcare/_modules/app_services/locals.tf
@@ -214,8 +214,8 @@ locals {
 
       # devportal configs
       CLIENT_NAME                = "io-p-developer-portal-app"
-      POLICY_NAME                = "B2C_1_SignUpIn"
-      RESET_PASSWORD_POLICY_NAME = "B2C_1_PasswordReset"
+      POLICY_NAME                = "B2C_1_SignUpInSecure"
+      RESET_PASSWORD_POLICY_NAME = "B2C_1_SignUpInSecure" # Then new userflow handles sign up/sign in and password reset, no need for a dedicate password reset policy anymore
       POST_LOGIN_URL             = "https://${var.devportal_frontend_hostname}"
       POST_LOGOUT_URL            = "https://${var.devportal_frontend_hostname}"
       REPLY_URL                  = "https://${var.devportal_frontend_hostname}"