diff --git a/lib/encryption/cross_signing.dart b/lib/encryption/cross_signing.dart
index e35c3a4a..685ebeea 100644
--- a/lib/encryption/cross_signing.dart
+++ b/lib/encryption/cross_signing.dart
@@ -55,9 +55,9 @@ class CrossSigning {
   }
 
   bool get enabled =>
-      client.accountData[EventTypes.CrossSigningSelfSigning] != null &&
-      client.accountData[EventTypes.CrossSigningUserSigning] != null &&
-      client.accountData[EventTypes.CrossSigningMasterKey] != null;
+      encryption.ssss.isSecret(EventTypes.CrossSigningSelfSigning) &&
+      encryption.ssss.isSecret(EventTypes.CrossSigningUserSigning) &&
+      encryption.ssss.isSecret(EventTypes.CrossSigningMasterKey);
 
   Future<bool> isCached() async {
     if (!enabled) {
diff --git a/lib/encryption/key_manager.dart b/lib/encryption/key_manager.dart
index d15d9004..bd3c7036 100644
--- a/lib/encryption/key_manager.dart
+++ b/lib/encryption/key_manager.dart
@@ -75,7 +75,7 @@ class KeyManager {
     });
   }
 
-  bool get enabled => client.accountData[MEGOLM_KEY] != null;
+  bool get enabled => encryption.ssss.isSecret(MEGOLM_KEY);
 
   /// clear all cached inbound group sessions. useful for testing
   void clearInboundGroupSessions() {
diff --git a/lib/encryption/ssss.dart b/lib/encryption/ssss.dart
index 5fd2e562..e7972a34 100644
--- a/lib/encryption/ssss.dart
+++ b/lib/encryption/ssss.dart
@@ -264,6 +264,10 @@ class SSSS {
     }
   }
 
+  bool isSecret(String type) =>
+      client.accountData[type] != null &&
+      client.accountData[type].content['encrypted'] is Map;
+
   Future<String> getCached(String type) async {
     if (client.database == null) {
       return null;