diff --git a/craft_store/auth.py b/craft_store/auth.py
index c5130ad..46b1e07 100644
--- a/craft_store/auth.py
+++ b/craft_store/auth.py
@@ -30,11 +30,14 @@
 import keyring.backends.fail
 import keyring.errors
 from jaraco.classes import properties
-from keyring.backends import SecretService
 from xdg import BaseDirectory  # type: ignore[import]
 
 from . import errors
 
+# workaround to prevent legacy provider loading in focal
+os.environ["CRYPTOGRAPHY_OPENSSL_NO_LEGACY"] = "1"
+from keyring.backends import SecretService
+
 logger = logging.getLogger(__name__)
 
 
diff --git a/docs/.custom_wordlist.txt b/docs/.custom_wordlist.txt
index 67eb0b9..4cdc5d1 100644
--- a/docs/.custom_wordlist.txt
+++ b/docs/.custom_wordlist.txt
@@ -6,6 +6,7 @@ https
 io
 initialization
 initialized
+libssl
 NotLoggedIn
 keyring
 StoreClient
diff --git a/docs/changelog.rst b/docs/changelog.rst
index d54bbe8..9cd6412 100644
--- a/docs/changelog.rst
+++ b/docs/changelog.rst
@@ -18,6 +18,12 @@ Breaking changes:
 Bug fixes:
 - Better error message when the keyring is locked.
 
+2.6.2 (2024-05-06)
+------------------
+
+- Disable legacy libssl providers. This is a workaround to prevent a crash
+  when loading cryptography in focal.
+
 2.6.1 (2024-03-26)
 ------------------