diff --git a/e2e/rbd_helper.go b/e2e/rbd_helper.go
index a026b61c4..e9577bf13 100644
--- a/e2e/rbd_helper.go
+++ b/e2e/rbd_helper.go
@@ -37,13 +37,13 @@ func createRBDStorageClass(c kubernetes.Interface, f *framework.Framework, scOpt
 		return nil
 	}
 	sc.Parameters["pool"] = defaultRBDPool
-	sc.Parameters["csi.storage.k8s.io/provisioner-secret-namespace"] = rookNamespace
+	sc.Parameters["csi.storage.k8s.io/provisioner-secret-namespace"] = cephCSINamespace
 	sc.Parameters["csi.storage.k8s.io/provisioner-secret-name"] = rbdProvisionerSecretName
 
-	sc.Parameters["csi.storage.k8s.io/controller-expand-secret-namespace"] = rookNamespace
+	sc.Parameters["csi.storage.k8s.io/controller-expand-secret-namespace"] = cephCSINamespace
 	sc.Parameters["csi.storage.k8s.io/controller-expand-secret-name"] = rbdProvisionerSecretName
 
-	sc.Parameters["csi.storage.k8s.io/node-stage-secret-namespace"] = rookNamespace
+	sc.Parameters["csi.storage.k8s.io/node-stage-secret-namespace"] = cephCSINamespace
 	sc.Parameters["csi.storage.k8s.io/node-stage-secret-name"] = rbdNodePluginSecretName
 
 	fsID, stdErr, err := execCommandInToolBoxPod(f, "ceph fsid", rookNamespace)
@@ -139,7 +139,6 @@ func createRBDSecret(c kubernetes.Interface, f *framework.Framework) error {
 		return err
 	}
 
-	err = updateSecretForEncryption(c)
 	return err
 }
 
diff --git a/e2e/utils.go b/e2e/utils.go
index c45d07467..1250f3e3c 100644
--- a/e2e/utils.go
+++ b/e2e/utils.go
@@ -32,9 +32,11 @@ const (
 	cephfsNodePluginSecretName  = "rook-csi-cephfs-node"
 	cephfsProvisionerSecretName = "rook-csi-cephfs-provisioner"
 
-	// rook created rbd user
-	rbdNodePluginSecretName  = "rook-csi-rbd-node"
-	rbdProvisionerSecretName = "rook-csi-rbd-provisioner"
+	// Secret created inside the cephCSINamespace, can be modified. The
+	// Rook secrets get reconciled and changes are undone (needed for
+	// encryption).
+	rbdNodePluginSecretName  = "csi-rbd-secret"
+	rbdProvisionerSecretName = "csi-rbd-secret"
 
 	rookTolBoxPodLabel = "app=rook-ceph-tools"
 	rbdmountOptions    = "mountOptions"
@@ -102,36 +104,6 @@ func getSecret(path string) (v1.Secret, error) {
 	return sc, nil
 }
 
-// updateSecretForEncryption is an hack to update the secrets created by rook to
-// include the encryption key
-// TODO in cephcsi we need to create own users in ceph cluster and use it for E2E.
-func updateSecretForEncryption(c kubernetes.Interface) error {
-	secrets, err := c.CoreV1().Secrets(rookNamespace).Get(context.TODO(), rbdProvisionerSecretName, metav1.GetOptions{})
-	if err != nil {
-		return err
-	}
-
-	secrets.Data["encryptionPassphrase"] = []byte("test_passphrase")
-
-	_, err = c.CoreV1().Secrets(rookNamespace).Update(context.TODO(), secrets, metav1.UpdateOptions{})
-	if err != nil {
-		return err
-	}
-
-	secrets, err = c.CoreV1().Secrets(rookNamespace).Get(context.TODO(), rbdNodePluginSecretName, metav1.GetOptions{})
-	if err != nil {
-		return err
-	}
-
-	secrets.Data["encryptionPassphrase"] = []byte("test_passphrase")
-
-	_, err = c.CoreV1().Secrets(rookNamespace).Update(context.TODO(), secrets, metav1.UpdateOptions{})
-	if err != nil {
-		return err
-	}
-	return nil
-}
-
 func deleteResource(scPath string) error {
 	data, err := replaceNamespaceInTemplate(scPath)
 	if err != nil {