diff --git a/internal/action/recipients.go b/internal/action/recipients.go index 357bf4ef1d..cd6e797e46 100644 --- a/internal/action/recipients.go +++ b/internal/action/recipients.go @@ -84,6 +84,7 @@ func (s *Action) RecipientsAdd(c *cli.Context) error { // select recipient recipients := []string(c.Args().Slice()) if len(recipients) < 1 { + debug.Log("no recipients given, asking for selection") r, err := s.recipientsSelectForAdd(ctx, store) if err != nil { return err @@ -91,6 +92,7 @@ func (s *Action) RecipientsAdd(c *cli.Context) error { recipients = r } + debug.Log("adding recipients: %+v", recipients) for _, r := range recipients { keys, err := crypto.FindRecipients(ctx, r) if err != nil { @@ -109,11 +111,9 @@ func (s *Action) RecipientsAdd(c *cli.Context) error { } recp := r - if len(keys) > 0 { - recp = crypto.Fingerprint(ctx, keys[0]) - } + debug.Log("found recipients for %q: %+v", r, keys) - if !termio.AskForConfirmation(ctx, fmt.Sprintf("Do you want to add %q as a recipient to the store %q?", crypto.FormatKey(ctx, recp, ""), store)) { + if !termio.AskForConfirmation(ctx, fmt.Sprintf("Do you want to add %q (key %q) as a recipient to the store %q?", crypto.FormatKey(ctx, recp, ""), recp, store)) { continue } diff --git a/internal/action/recipients_test.go b/internal/action/recipients_test.go index 0706de352d..204266b8b0 100644 --- a/internal/action/recipients_test.go +++ b/internal/action/recipients_test.go @@ -41,13 +41,13 @@ func TestRecipients(t *testing.T) { t.Run("print recipients tree", func(t *testing.T) { defer buf.Reset() assert.NoError(t, act.RecipientsPrint(gptest.CliCtx(ctx, t))) - want := `Hint: run 'gopass sync' to import any missing public keys -gopass -└── 0xDEADBEEF -` + hint := `Hint: run 'gopass sync' to import any missing public keys` + want := `gopass +└── 0xDEADBEEF` - assert.Equal(t, want, buf.String()) + assert.Contains(t, buf.String(), hint) + assert.Contains(t, buf.String(), want) }) t.Run("complete recipients", func(t *testing.T) { 
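Review bot: In the third hunk of `RecipientsAdd`, dropping the `crypto.Fingerprint(ctx, keys[0])` step leaves `recp` equal to the search term `r`, so the user confirms whatever string was typed rather than a resolved key. `keys` is now used only by the new `debug.Log` line in this hunk, so the prompt does not show which key or keys the identifier actually matched. If keeping the raw identifier is deliberate (subkey support, judging by the `Recipients()` change in key_list.go), the prompt should list the matches, e.g. `fmt.Sprintf("Do you want to add %q (key %q, matching %+v) as a recipient to the store %q?", crypto.FormatKey(ctx, recp, ""), recp, keys, store)`. A comment on `recp := r` such as `// recp is kept exactly as given; it is not normalised to a fingerprint` would record the intent. The function body continues outside the hunk, so I cannot see how `recp` is stored.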
diff --git a/internal/backend/crypto/gpg/cli/keyring.go b/internal/backend/crypto/gpg/cli/keyring.go index 621eb81091..66818d6eed 100644 --- a/internal/backend/crypto/gpg/cli/keyring.go +++ b/internal/backend/crypto/gpg/cli/keyring.go @@ -60,10 +60,14 @@ func (g *GPG) FindRecipients(ctx context.Context, search ...string) ([]string, e if err != nil || kl == nil { return nil, err } + + recp := kl.UseableKeys(gpg.IsAlwaysTrust(ctx)).Recipients() if gpg.IsAlwaysTrust(ctx) { - return kl.Recipients(), nil + recp = kl.Recipients() } - return kl.UseableKeys(gpg.IsAlwaysTrust(ctx)).Recipients(), nil + + debug.Log("found useable keys for %+v: %+v (all: %+v)", search, recp, kl.Recipients()) + return recp, nil } // ListIdentities returns a parsed list of GPG secret keys diff --git a/internal/backend/crypto/gpg/key_list.go b/internal/backend/crypto/gpg/key_list.go index 6ca57ae98f..18a7b3e808 100644 --- a/internal/backend/crypto/gpg/key_list.go +++ b/internal/backend/crypto/gpg/key_list.go @@ -15,6 +15,9 @@ func (kl KeyList) Recipients() []string { sort.Sort(kl) for _, k := range kl { l = append(l, k.ID()) + for sid := range k.SubKeys { + l = append(l, sid) + } } return l } diff --git a/internal/backend/crypto/gpg/key_list_test.go b/internal/backend/crypto/gpg/key_list_test.go index 844d055c31..6b9d751c8c 100644 --- a/internal/backend/crypto/gpg/key_list_test.go +++ b/internal/backend/crypto/gpg/key_list_test.go 
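Review bot: `recp` is first computed from `kl.UseableKeys(...)` and then discarded whenever always-trust is set, and the new `debug.Log` call evaluates `kl.Recipients()` again on every call because Go evaluates arguments even when debug output is off. Computing the full list once reads more directly: `all := kl.Recipients()`, `recp := all`, then `if !gpg.IsAlwaysTrust(ctx) { recp = kl.UseableKeys(false).Recipients() }`, and pass `all` to the log line. The always-trust branch returns every entry without the `UseableKeys` filter, and with the key_list.go change in this commit that now also includes every subkey ID. A short comment stating that this is intended would help the next reader. `FindRecipients` starts above the hunk.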
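Review bot: The added `for sid := range k.SubKeys` loop ranges over what must be a map (`sid` is appended to the `[]string` result), so subkey IDs come out in Go's randomised map order and `Recipients()` stops being deterministic once a key has more than one subkey. Collecting the IDs first and sorting them fixes this with the `sort` package the function already uses: `sids = append(sids, sid)` in the loop, then `sort.Strings(sids)` and `l = append(l, sids...)`. The loop also adds every subkey unconditionally. Whether expired, revoked or non-encryption subkeys are filtered elsewhere is not visible here, so that should be confirmed or documented in the function's doc comment. The updated test has a single subkey and would not catch the ordering problem. The function starts above the hunk.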
@@ -19,10 +19,17 @@ func TestKeyList(t *testing.T) { assert.Equal(t, []string{ "0x62AF4031C82E0019", "0x62AF4031C82E2019", + "0xDEADBEEF", "0x62AF4031C82E0039", }, kl.Recipients()) - assert.Equal(t, []string{"0x62AF4031C82E0019", "0x62AF4031C82E0039"}, kl.UseableKeys(false).Recipients()) - assert.Equal(t, []string{"0x62AF4031C82E2019"}, kl.UnusableKeys(false).Recipients()) + assert.Equal(t, []string{ + "0x62AF4031C82E0019", + "0x62AF4031C82E0039", + }, kl.UseableKeys(false).Recipients()) + assert.Equal(t, []string{ + "0x62AF4031C82E2019", + "0xDEADBEEF", + }, kl.UnusableKeys(false).Recipients()) // search by email k, err := kl.FindKey("jim.doe@example.org") diff --git a/internal/store/leaf/recipients.go b/internal/store/leaf/recipients.go index d11dbb1220..9a4bc509a0 100644 --- a/internal/store/leaf/recipients.go +++ b/internal/store/leaf/recipients.go @@ -64,6 +64,7 @@ func (s *Store) AddRecipient(ctx context.Context, id string) error { return fmt.Errorf("failed to read recipient list: %w", err) } + debug.Log("new recipient: %q - existing: %+v", id, rs) for _, k := range rs { if k == id { return fmt.Errorf("recipient already in store") @@ -174,17 +175,9 @@ func (s *Store) getRecipients(ctx context.Context, idf string) ([]string, error) return nil, fmt.Errorf("failed to get recipients from %q: %w", idf, err) } - rawRecps := recipients.Unmarshal(buf) - finalRecps := make([]string, 0, len(rawRecps)) - for _, r := range rawRecps { - fp := s.crypto.Fingerprint(ctx, r) - if fp == "" { - fp = r - } - finalRecps = append(finalRecps, fp) - } - sort.Strings(finalRecps) - return finalRecps, nil + recps := recipients.Unmarshal(buf) + sort.Strings(recps) + return recps, nil } type keyExporter interface {
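Review bot: `getRecipients` now returns the entries of the recipients file verbatim instead of mapping each through `s.crypto.Fingerprint`, so the `k == id` duplicate check in `AddRecipient` (first hunk of this file) becomes a plain string comparison. The same key can therefore be listed more than once under different spellings (e-mail, key ID, fingerprint, subkey ID). Any removal or comparison code outside these hunks that matches by string presumably has the same blind spot. I would document the new contract on the function, e.g. `// getRecipients returns the entries exactly as stored in idf, sorted; they are not normalised to fingerprints.` In `AddRecipient`, consider also comparing `s.crypto.Fingerprint(ctx, k)` with `s.crypto.Fingerprint(ctx, id)` when both are non-empty. Both functions start above their hunks.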