diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1a11f4eed..82021e810 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -16,6 +16,12 @@ All notable changes to this project will be documented in this file. Take a look
 
 * The `close()` and `Closeable` APIs are now deprecated. Resources are automatically released upon `deinit`, which aligns better with Swift.
 
+### Fixed
+
+#### LCP
+
+* Fixed a regression that caused some LCP passphrases to no longer match the protected publication.
+
 
 ## [3.0.0-beta.2]
 
diff --git a/Sources/Adapters/LCPSQLite/SQLiteLCPPassphraseRepository.swift b/Sources/Adapters/LCPSQLite/SQLiteLCPPassphraseRepository.swift
index 7728bd20e..43292afe0 100644
--- a/Sources/Adapters/LCPSQLite/SQLiteLCPPassphraseRepository.swift
+++ b/Sources/Adapters/LCPSQLite/SQLiteLCPPassphraseRepository.swift
@@ -41,10 +41,19 @@ public class LCPSQLitePassphraseRepository: LCPPassphraseRepository, Loggable {
 
     public func passphrasesMatching(userID: User.ID?, provider: LicenseDocument.Provider) async throws -> [LCPPassphraseHash] {
         try logAndRethrow {
-            try db.prepare(transactions.select(passphrase)
-                .filter(self.userId == userID && self.provider == provider)
-            )
-            .compactMap { try $0.get(passphrase) }
+            var passphrases =
+                try db.prepare(transactions.select(passphrase)
+                        .filter(self.userId == userID && self.provider == provider)
+                    )
+                    .compactMap { try $0.get(passphrase) }
+
+            // The legacy SQLite database did not save all the new
+            // (passphrase, userID, provider) tuples. So we need to fall back
+            // on checking all the saved passphrases for a match.
+            passphrases += try db.prepare(transactions.select(passphrase))
+                .compactMap { try $0.get(passphrase) }
+
+            return passphrases
         }
     }