diff --git a/findmy/reports/account.py b/findmy/reports/account.py
index e39867c..4211c8d 100644
--- a/findmy/reports/account.py
+++ b/findmy/reports/account.py
@@ -736,13 +736,13 @@ class AsyncAppleAccount(BaseAppleAccount):
 msg = "Email verification failed: " + r["Status"].get("em")
 raise InvalidCredentialsError(msg)
 sp = r.get("sp")
- if sp != "s2k":
- msg = f"This implementation only supports s2k. Server returned {sp}"
+ if sp not in ["s2k", "s2k_fo"]:
+ msg = f"This implementation only supports s2k and sk2_fo. Server returned {sp}"
 raise UnhandledProtocolError(msg)
 logging.debug("Attempting password challenge")
- usr.p = crypto.encrypt_password(self._password, r["s"], r["i"])
+ usr.p = crypto.encrypt_password(self._password, r["s"], r["i"], sp)
 m1 = usr.process_challenge(r["s"], r["B"])
 if m1 is None:
 msg = "Failed to process challenge"
diff --git a/findmy/util/crypto.py b/findmy/util/crypto.py
index 810e92b..329bf17 100644
--- a/findmy/util/crypto.py
+++ b/findmy/util/crypto.py
@@ -11,9 +11,12 @@ from cryptography.hazmat.primitives.kdf.x963kdf import X963KDF
 P224_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D
-def encrypt_password(password: str, salt: bytes, iterations: int) -> bytes:
+def encrypt_password(password: str, salt: bytes, iterations: int, protocol: str) -> bytes:
 """Encrypt password using PBKDF2-HMAC."""
+ assert protocol in ["s2k", "s2k_fo"]
 p = hashlib.sha256(password.encode("utf-8")).digest()
+ if protocol == "s2k_fo":
+ p = p.hex().encode("utf-8")
 kdf = PBKDF2HMAC(
 algorithm=hashes.SHA256(),
 length=32,
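Review bot: The new error message misspells the second protocol as `sk2_fo`, while the check on the line above it accepts `s2k_fo`; anyone searching logs or the code for the protocol name will miss this message. Suggested line: `msg = f"This implementation only supports s2k and s2k_fo. Server returned {sp}"`. The accepted set is also spelled out a second time in `crypto.encrypt_password`, so a single shared constant would keep the two checks from drifting apart. The enclosing method starts and ends outside this hunk.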
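Review bot: `assert protocol in ["s2k", "s2k_fo"]` is stripped when Python runs with `-O`, and the code below branches only on `protocol == "s2k_fo"`, so any other value would then be silently derived as plain s2k instead of being rejected. Raise explicitly instead: `if protocol not in ("s2k", "s2k_fo"): raise ValueError(f"Unsupported protocol: {protocol}")`. `protocol` is also a new required positional parameter, so any caller of `encrypt_password` not shown in this diff would break unless it gets a default such as `protocol: str = "s2k"`. The docstring should state that for `s2k_fo` the SHA-256 digest is hex-encoded before it is fed to PBKDF2. The function body continues past the end of the hunk.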