diff --git a/nixos/modules/security/pam.nix b/nixos/modules/security/pam.nix
index 530304b497a..b1fcb0b461f 100644
--- a/nixos/modules/security/pam.nix
+++ b/nixos/modules/security/pam.nix
@@ -492,7 +492,7 @@ let
             auth ${ussh.control} ${pkgs.pam_ussh}/lib/security/pam_ussh.so ${optionalString (ussh.caFile != null) "ca_file=${ussh.caFile}"} ${optionalString (ussh.authorizedPrincipals != null) "authorized_principals=${ussh.authorizedPrincipals}"} ${optionalString (ussh.authorizedPrincipalsFile != null) "authorized_principals_file=${ussh.authorizedPrincipalsFile}"} ${optionalString (ussh.group != null) "group=${ussh.group}"}
           '') +
           (let oath = config.security.pam.oath; in optionalString cfg.oathAuth ''
-            auth requisite ${pkgs.oathToolkit}/lib/security/pam_oath.so window=${toString oath.window} usersfile=${toString oath.usersFile} digits=${toString oath.digits}
+            auth requisite ${pkgs.oath-toolkit}/lib/security/pam_oath.so window=${toString oath.window} usersfile=${toString oath.usersFile} digits=${toString oath.digits}
           '') +
           (let yubi = config.security.pam.yubico; in optionalString cfg.yubicoAuth ''
             auth ${yubi.control} ${pkgs.yubico-pam}/lib/security/pam_yubico.so mode=${toString yubi.mode} ${optionalString (yubi.challengeResponsePath != null) "chalresp_path=${yubi.challengeResponsePath}"} ${optionalString (yubi.mode == "client") "id=${toString yubi.id}"} ${optionalString yubi.debug "debug"}
@@ -1131,7 +1131,7 @@ in
       ++ optional config.services.sssd.enable pkgs.sssd
       ++ optionals config.krb5.enable [pam_krb5 pam_ccreds]
       ++ optionals config.security.pam.enableOTPW [ pkgs.otpw ]
-      ++ optionals config.security.pam.oath.enable [ pkgs.oathToolkit ]
+      ++ optionals config.security.pam.oath.enable [ pkgs.oath-toolkit ]
       ++ optionals config.security.pam.p11.enable [ pkgs.pam_p11 ]
       ++ optionals config.security.pam.u2f.enable [ pkgs.pam_u2f ];
 
@@ -1221,7 +1221,7 @@ in
         mr ${pkgs.pam_ussh}/lib/security/pam_ussh.so,
       '' +
       optionalString (isEnabled (cfg: cfg.oathAuth)) ''
-        "mr ${pkgs.oathToolkit}/lib/security/pam_oath.so,
+        "mr ${pkgs.oath-toolkit}/lib/security/pam_oath.so,
       '' +
       optionalString (isEnabled (cfg: cfg.yubicoAuth)) ''
         mr ${pkgs.yubico-pam}/lib/security/pam_yubico.so,
diff --git a/nixos/tests/pam/pam-oath-login.nix b/nixos/tests/pam/pam-oath-login.nix
index 8fb7553de90..c532e81e674 100644
--- a/nixos/tests/pam/pam-oath-login.nix
+++ b/nixos/tests/pam/pam-oath-login.nix
@@ -7,7 +7,7 @@ let
   # how many passwords have been made. In this env, we'll always be on
   # the 0th counter, so the password is static.
   #
-  # Generated in nix-shell -p oathToolkit
+  # Generated in nix-shell -p oath-toolkit
   # via: oathtool -v -d6 -w10 cdd4083ef8ff1fa9178c6d46bfb1a3
   # and picking a the first 4:
   oathSnakeOilPassword1 = "143349";
diff --git a/pkgs/servers/web-apps/sogo/default.nix b/pkgs/servers/web-apps/sogo/default.nix
index 8af14f109a3..f94436c1f37 100644
--- a/pkgs/servers/web-apps/sogo/default.nix
+++ b/pkgs/servers/web-apps/sogo/default.nix
@@ -1,6 +1,6 @@
 { gnustep, lib, fetchFromGitHub, fetchpatch, makeWrapper, python3, lndir
 , openssl, openldap, sope, libmemcached, curl, libsodium, libytnef, libzip, pkg-config, nixosTests
-, oathToolkit }:
+, oath-toolkit }:
 gnustep.stdenv.mkDerivation rec {
   pname = "SOGo";
   version = "5.5.0";
@@ -13,7 +13,7 @@ gnustep.stdenv.mkDerivation rec {
   };
 
   nativeBuildInputs = [ gnustep.make makeWrapper python3 ];
-  buildInputs = [ gnustep.base sope openssl libmemcached curl libsodium libytnef libzip pkg-config openldap oathToolkit ];
+  buildInputs = [ gnustep.base sope openssl libmemcached curl libsodium libytnef libzip pkg-config openldap oath-toolkit ];
 
   patches = [
     # TODO: take a closer look at other patches in https://sources.debian.org/patches/sogo/ and https://github.com/Skrupellos/sogo-patches
diff --git a/pkgs/tools/filesystems/ceph/default.nix b/pkgs/tools/filesystems/ceph/default.nix
index 1162c4e69b1..678835bf7bf 100644
--- a/pkgs/tools/filesystems/ceph/default.nix
+++ b/pkgs/tools/filesystems/ceph/default.nix
@@ -9,7 +9,7 @@
 , gtest
 , cunit, snappy
 , makeWrapper
-, leveldb, oathToolkit
+, leveldb, oath-toolkit
 , libnl, libcap_ng
 , rdkafka
 , nixosTests
@@ -161,7 +161,7 @@ in rec {
     buildInputs = cryptoLibsMap.${cryptoStr} ++ [
       boost ceph-python-env libxml2 optYasm optLibatomic_ops optLibs3
       malloc zlib openldap lttng-ust babeltrace gperf gtest cunit
-      snappy lz4 oathToolkit leveldb libnl libcap_ng rdkafka
+      snappy lz4 oath-toolkit leveldb libnl libcap_ng rdkafka
       cryptsetup sqlite lua icu bzip2
     ] ++ lib.optionals stdenv.isLinux [
       linuxHeaders util-linux libuuid udev keyutils liburing optLibaio optLibxfs optZfs
diff --git a/pkgs/tools/security/oath-toolkit/update.sh b/pkgs/tools/security/oath-toolkit/update.sh
index 3502a541fa8..9f56ae41232 100755
--- a/pkgs/tools/security/oath-toolkit/update.sh
+++ b/pkgs/tools/security/oath-toolkit/update.sh
@@ -5,7 +5,7 @@ set -euo pipefail
 
 nixfile='default.nix'
 release_url='https://download.savannah.nongnu.org/releases/oath-toolkit/'
-attr='oathToolkit'
+attr='oath-toolkit'
 command='oathtool --version'
 
 color() {
diff --git a/pkgs/tools/security/pass/extensions/otp.nix b/pkgs/tools/security/pass/extensions/otp.nix
index 8d9b350543d..15f075ccec4 100644
--- a/pkgs/tools/security/pass/extensions/otp.nix
+++ b/pkgs/tools/security/pass/extensions/otp.nix
@@ -1,4 +1,4 @@
-{ lib, stdenv, fetchFromGitHub, oathToolkit }:
+{ lib, stdenv, fetchFromGitHub, oath-toolkit }:
 
 stdenv.mkDerivation rec {
   pname = "pass-otp";
@@ -11,12 +11,12 @@ stdenv.mkDerivation rec {
     sha256 = "0cpqrf3939hcvwg7sd8055ghc8x964ilimlri16czzx188a9jx9v";
   };
 
-  buildInputs = [ oathToolkit ];
+  buildInputs = [ oath-toolkit ];
 
   dontBuild = true;
 
   patchPhase = ''
-    sed -i -e 's|OATH=\$(which oathtool)|OATH=${oathToolkit}/bin/oathtool|' otp.bash
+    sed -i -e 's|OATH=\$(which oathtool)|OATH=${oath-toolkit}/bin/oathtool|' otp.bash
   '';
 
   installFlags = [ "PREFIX=$(out)"
diff --git a/pkgs/tools/security/plasma-pass/default.nix b/pkgs/tools/security/plasma-pass/default.nix
index 20f64b725f1..2ff2ab38cef 100644
--- a/pkgs/tools/security/plasma-pass/default.nix
+++ b/pkgs/tools/security/plasma-pass/default.nix
@@ -1,7 +1,7 @@
 { mkDerivation, lib, fetchFromGitLab, cmake, extra-cmake-modules
 , ki18n
 , kitemmodels
-, oathToolkit
+, oath-toolkit
 , qgpgme
 , plasma-framework
 , qt5 }:
@@ -21,7 +21,7 @@ mkDerivation rec {
   buildInputs  = [
     ki18n
     kitemmodels
-    oathToolkit
+    oath-toolkit
     qgpgme
     plasma-framework
     qt5.qtbase
diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix
index 2ae688dc1b8..f304e4ca4eb 100644
--- a/pkgs/top-level/aliases.nix
+++ b/pkgs/top-level/aliases.nix
@@ -882,6 +882,7 @@ mapAliases ({
 
   ### O ###
 
+  oathToolkit = oath-toolkit; # Added 2022-04-04
   oracleXE = throw "oracleXE has been removed, as it's heavily outdated and unmaintained"; # Added 2020-10-09
   OVMF-CSM = throw "OVMF-CSM has been removed in favor of OVMFFull"; # Added 2021-10-16
   OVMF-secureBoot = throw "OVMF-secureBoot has been removed in favor of OVMFFull"; # Added 2021-10-16
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 7335ad81274..3c074c3a8ed 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -8827,7 +8827,7 @@ with pkgs;
 
   oapi-codegen = callPackage ../tools/networking/oapi-codegen { };
 
-  oathToolkit = callPackage ../tools/security/oath-toolkit { };
+  oath-toolkit = callPackage ../tools/security/oath-toolkit { };
 
   oatpp = callPackage ../development/libraries/oatpp { };