diff --git a/packages/snaps-controllers/package.json b/packages/snaps-controllers/package.json
index 40ecd69805..01417e6e0a 100644
--- a/packages/snaps-controllers/package.json
+++ b/packages/snaps-controllers/package.json
@@ -31,7 +31,7 @@
     "publish:package": "../../scripts/publish-package.sh"
   },
   "dependencies": {
-    "@metamask/browser-passworder": "^3.0.0",
+    "@metamask/browser-passworder": "^4.0.2",
     "@metamask/controllers": "^32.0.2",
     "@metamask/object-multiplex": "^1.1.0",
     "@metamask/post-message-stream": "^6.0.0",
diff --git a/packages/snaps-controllers/src/snaps/SnapController.test.ts b/packages/snaps-controllers/src/snaps/SnapController.test.ts
index 0277e6b7b1..c3aeaebbc3 100644
--- a/packages/snaps-controllers/src/snaps/SnapController.test.ts
+++ b/packages/snaps-controllers/src/snaps/SnapController.test.ts
@@ -1,4 +1,4 @@
-import passworder from '@metamask/browser-passworder';
+import { encrypt } from '@metamask/browser-passworder';
 import {
   Caveat,
   getPersistentState,
@@ -100,9 +100,7 @@ describe('SnapController', () => {
     expect(
       // @ts-expect-error Accessing private property
       snapController.snapsRuntimeData.get(MOCK_SNAP_ID).state,
-    ).toStrictEqual(
-      await passworder.encrypt(`stateEncryption:${MOCK_SNAP_ID}`, state),
-    );
+    ).toStrictEqual(await encrypt(`stateEncryption:${MOCK_SNAP_ID}`, state));
     snapController.destroy();
     await service.terminateAllSnaps();
   });
@@ -3492,10 +3490,7 @@ describe('SnapController', () => {
       const state = {
         fizz: 'buzz',
       };
-      const encrypted = await passworder.encrypt(
-        `stateEncryption:${MOCK_SNAP_ID}`,
-        state,
-      );
+      const encrypted = await encrypt(`stateEncryption:${MOCK_SNAP_ID}`, state);
       const snapController = getSnapController(
         getSnapControllerOptions({
           messenger,
@@ -3603,9 +3598,7 @@ describe('SnapController', () => {
       expect(
         // @ts-expect-error Accessing private property
         snapController.snapsRuntimeData.get(MOCK_SNAP_ID).state,
-      ).toStrictEqual(
-        await passworder.encrypt(`stateEncryption:${MOCK_SNAP_ID}`, state),
-      );
+      ).toStrictEqual(await encrypt(`stateEncryption:${MOCK_SNAP_ID}`, state));
     });
 
     it('has different encryption for the same data stored by two different snaps', async () => {
@@ -3651,14 +3644,11 @@ describe('SnapController', () => {
         snapController.snapsRuntimeData.get(MOCK_LOCAL_SNAP_ID).state;
 
       expect(snapState1).toStrictEqual(
-        await passworder.encrypt(`stateEncryption:${MOCK_SNAP_ID}`, state),
+        await encrypt(`stateEncryption:${MOCK_SNAP_ID}`, state),
       );
 
       expect(snapState2).toStrictEqual(
-        await passworder.encrypt(
-          `stateEncryption:${MOCK_LOCAL_SNAP_ID}`,
-          state,
-        ),
+        await encrypt(`stateEncryption:${MOCK_LOCAL_SNAP_ID}`, state),
       );
 
       expect(snapState1).not.toStrictEqual(snapState2);
diff --git a/packages/snaps-controllers/src/snaps/SnapController.ts b/packages/snaps-controllers/src/snaps/SnapController.ts
index da0e3fc9cf..e7511405bc 100644
--- a/packages/snaps-controllers/src/snaps/SnapController.ts
+++ b/packages/snaps-controllers/src/snaps/SnapController.ts
@@ -1,4 +1,4 @@
-import passworder from '@metamask/browser-passworder';
+import { encrypt, decrypt } from '@metamask/browser-passworder';
 import {
   AddApprovalRequest,
   BaseControllerV2 as BaseController,
@@ -64,6 +64,7 @@ import {
   hasProperty,
   inMilliseconds,
   isNonEmptyArray,
+  isValidJson,
   Json,
   timeSince,
 } from '@metamask/utils';
@@ -1358,13 +1359,16 @@ export class SnapController extends BaseController<
 
   async #encryptSnapState(snapId: SnapId, state: Json): Promise<string> {
     const appKey = await this.#getEncryptionKey(snapId);
-    return passworder.encrypt(appKey, state);
+    return encrypt(appKey, state);
   }
 
   async #decryptSnapState(snapId: SnapId, encrypted: string): Promise<Json> {
     const appKey = await this.#getEncryptionKey(snapId);
     try {
-      return await passworder.decrypt(appKey, encrypted);
+      const value = await decrypt(appKey, encrypted);
+
+      assert(isValidJson(value));
+      return value;
     } catch (error) {
       throw new Error(
         'Failed to decrypt snap state, the state must be corrupted.',
diff --git a/yarn.lock b/yarn.lock
index d7e6d32abf..f7c51bcbae 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -2613,10 +2613,10 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@metamask/browser-passworder@npm:^3.0.0":
-  version: 3.0.0
-  resolution: "@metamask/browser-passworder@npm:3.0.0"
-  checksum: 2eccb399341b377b60b544bce758a597c77518983ef13bed50ca795e0053ab883570de884fcba8782a1edc8541b0e03d1124b4097e0bad5d70544e28e320685c
+"@metamask/browser-passworder@npm:^4.0.2":
+  version: 4.0.2
+  resolution: "@metamask/browser-passworder@npm:4.0.2"
+  checksum: 997c330b1c72f7135d0fd2a7f4b0dce37b3c2e6b30e92f048fa8d4f8c949f5b669dcc3064790f41df30ee2e53a9e64a812df72e00527736be704cce2cf4f6e49
   languageName: node
   linkType: hard
 
@@ -3012,7 +3012,7 @@ __metadata:
   dependencies:
     "@lavamoat/allow-scripts": ^2.0.3
     "@metamask/auto-changelog": ^2.6.0
-    "@metamask/browser-passworder": ^3.0.0
+    "@metamask/browser-passworder": ^4.0.2
     "@metamask/controllers": ^32.0.2
     "@metamask/eslint-config": ^11.0.0
     "@metamask/eslint-config-jest": ^11.0.0