diff --git a/src/Http/Middleware/AuthenticateSession.php b/src/Http/Middleware/AuthenticateSession.php
index d4d5109..e55959c 100644
--- a/src/Http/Middleware/AuthenticateSession.php
+++ b/src/Http/Middleware/AuthenticateSession.php
@@ -110,11 +110,11 @@ protected function storePasswordHashInSession($request, string $guard)
      * Validate the password hash against the stored value.
      *
      * @param  \Illuminate\Auth\SessionGuard  $guard
-     * @param  string  $passwordHash
+     * @param  string|null  $passwordHash
      * @param  string  $storedValue
      * @return bool
      */
-    protected function validatePasswordHash(SessionGuard $guard, string $passwordHash, string $storedValue): bool
+    protected function validatePasswordHash(SessionGuard $guard, ?string $passwordHash, string $storedValue): bool
     {
         // Try new HMAC format first (Laravel 12.45.0+)...
         if (method_exists($guard, 'hashPasswordForCookie')) {