diff --git a/velero/argocd/velero-ui.yaml b/velero/argocd/velero-ui.yaml
index eb079cc..8a843e3 100644
--- a/velero/argocd/velero-ui.yaml
+++ b/velero/argocd/velero-ui.yaml
@@ -40,7 +40,9 @@ spec:
 
         # Environment variables
         env: []
-        envFrom: []
+        envFrom:
+          - secretRef:
+              name: velero-ui-secret
 
         # Pod security context
         podSecurityContext:
diff --git a/velero/kustomization.yaml b/velero/kustomization.yaml
index 5f4a442..464fa0c 100644
--- a/velero/kustomization.yaml
+++ b/velero/kustomization.yaml
@@ -7,4 +7,5 @@ resources:
 
   # Velero credentials from Vault
   - external-secret.yaml
+  - vault/velero-ui-secret.yaml
   - ingress/velero-ui-ingress.yaml
diff --git a/velero/vault/velero-ui-secret.yaml b/velero/vault/velero-ui-secret.yaml
new file mode 100644
index 0000000..415b305
--- /dev/null
+++ b/velero/vault/velero-ui-secret.yaml
@@ -0,0 +1,23 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: velero-ui-secret
+  namespace: velero
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: vault-backend
+  target:
+    name: velero-ui-secret
+    creationPolicy: Owner
+  data:
+    - secretKey: username
+      remoteRef:
+        key: cluster-infrastructure/velero
+        property: UI_USERNAME
+    - secretKey: password
+      remoteRef:
+        key: cluster-infrastructure/velero
+        property: UI_PASSWORD
+