diff --git a/app/models/concerns/user_access_key_overrides.rb b/app/models/concerns/user_access_key_overrides.rb
index a014ca0d50b..8b05383ef4b 100644
--- a/app/models/concerns/user_access_key_overrides.rb
+++ b/app/models/concerns/user_access_key_overrides.rb
@@ -23,6 +23,16 @@ def password=(new_password)
 write_legacy_password_attributes(digest)
 end
+ # This is a devise method, which we are overriding. This should not be removed
+ # as Devise depends on this for things like building the key to use when
+ # storing the user in the session.
+ def authenticatable_salt
+ return if encrypted_password_digest.blank?
+ Encryption::PasswordVerifier::PasswordDigest.parse_from_string(
+ encrypted_password_digest
+ ).password_salt
+ end
+
 private
 def write_legacy_password_attributes(digest)
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index ff4926dd9e9..05cd592d676 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -409,6 +409,15 @@
 end
 end
+ describe '#authenticatable_salt' do
+ it 'returns the password salt' do
+ user = create(:user)
+ salt = JSON.parse(user.encrypted_password_digest)['password_salt']
+
+ expect(user.authenticatable_salt).to eq(salt)
+ end
+ end
+
 context 'when a password is updated' do
 it 'writes encrypted_password_digest and the legacy password attributes' do
 user = create(:user)
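Review bot: In app/models/concerns/user_access_key_overrides.rb, the comment above `authenticatable_salt` explains that Devise needs the method but not the security property that depends on it. Devise stores this value in the session and compares it with the method's return value when it loads the user, so sessions created under an old password are rejected only if `password=` writes a fresh `password_salt` on every change. The body of `password=` is outside the hunk, so that should be confirmed and recorded, e.g. `# The salt must change whenever the password changes; that is what invalidates sessions created under the old password.` The blank-digest branch returns nil, which presumably leaves those users' sessions with no password binding; if that is intended, a line in the comment should say so.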
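Review bot: The new `#authenticatable_salt` example in spec/models/user_spec.rb covers only the happy path. Neither the `return if encrypted_password_digest.blank?` branch nor the property that sessions rely on, that the salt differs after a password change, is tested. Two more examples would pin both, sketched below. The direct attribute assignment and the sample password are assumptions to adapt to the project's factories and password policy.

```ruby
describe '#authenticatable_salt' do
  # … unchanged: 'returns the password salt' example …

  it 'returns nil when there is no password digest' do
    user = create(:user)
    user.encrypted_password_digest = ''

    expect(user.authenticatable_salt).to be_nil
  end

  it 'changes when the password is updated' do
    user = create(:user)
    old_salt = user.authenticatable_salt
    user.password = 'constructed sample passphrase' # constructed value

    expect(user.authenticatable_salt).to_not eq(old_salt)
  end
end
```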