diff --git a/internal/controller/basic_authenticator/cleanup.go b/internal/controller/basic_authenticator/cleanup.go
index e0ba5b3..8fee8b2 100644
--- a/internal/controller/basic_authenticator/cleanup.go
+++ b/internal/controller/basic_authenticator/cleanup.go
@@ -74,13 +74,9 @@ func (r *BasicAuthenticatorReconciler) removeInjectedContainers(ctx context.Cont
 
 	cleanupDeployments := removeInjectedResources(deployments, secrets, configmaps)
 	for _, deploy := range cleanupDeployments {
-		if controllerutil.ContainsFinalizer(deploy, basicAuthenticatorFinalizer) {
-			if objUpdated := controllerutil.RemoveFinalizer(deploy, basicAuthenticatorFinalizer); objUpdated {
-				if err := r.Update(ctx, deploy); err != nil {
-					r.logger.Error(err, "failed to add basicAuthenticator to injected deployment")
-					return subreconciler.RequeueWithError(err)
-				}
-			}
+		if err := r.Update(ctx, deploy); err != nil {
+			r.logger.Error(err, "failed to add update cleaned up deployments")
+			return subreconciler.RequeueWithError(err)
 		}
 	}
 	return subreconciler.ContinueReconciling()
diff --git a/internal/controller/basic_authenticator/provision.go b/internal/controller/basic_authenticator/provision.go
index 53f59b3..df13ddf 100644
--- a/internal/controller/basic_authenticator/provision.go
+++ b/internal/controller/basic_authenticator/provision.go
@@ -338,12 +338,6 @@ func (r *BasicAuthenticatorReconciler) createSidecarAuthenticator(ctx context.Co
 		return subreconciler.RequeueWithError(err)
 	}
 	for _, deploy := range deploymentsToUpdate {
-		if !controllerutil.ContainsFinalizer(deploy, basicAuthenticatorFinalizer) {
-			if objUpdated := controllerutil.AddFinalizer(deploy, basicAuthenticatorFinalizer); !objUpdated {
-				return subreconciler.Requeue()
-			}
-		}
-
 		err := r.Update(ctx, deploy)
 		if err != nil {
 			r.logger.Error(err, "failed to update injected deployments")