diff --git a/coderd/httpmw/apikey.go b/coderd/httpmw/apikey.go
index 05ad040042..467bcacea4 100644
--- a/coderd/httpmw/apikey.go
+++ b/coderd/httpmw/apikey.go
@@ -172,10 +172,11 @@ func ExtractAPIKey(db database.Store, oauth *OAuth2Configs) func(http.Handler) h
 				if remoteIP == nil {
 					remoteIP = net.IPv4(0, 0, 0, 0)
 				}
+				bitlen := len(remoteIP) * 8
 				key.IPAddress = pqtype.Inet{
 					IPNet: net.IPNet{
 						IP:   remoteIP,
-						Mask: remoteIP.DefaultMask(),
+						Mask: net.CIDRMask(bitlen, bitlen),
 					},
 					Valid: true,
 				}
diff --git a/coderd/users.go b/coderd/users.go
index c8ac9aa27c..282f653ef3 100644
--- a/coderd/users.go
+++ b/coderd/users.go
@@ -815,6 +815,7 @@ func (api *API) createAPIKey(rw http.ResponseWriter, r *http.Request, params dat
 	if ip == nil {
 		ip = net.IPv4(0, 0, 0, 0)
 	}
+	bitlen := len(ip) * 8
 	key, err := api.Database.InsertAPIKey(r.Context(), database.InsertAPIKeyParams{
 		ID:              keyID,
 		UserID:          params.UserID,
@@ -822,7 +823,7 @@ func (api *API) createAPIKey(rw http.ResponseWriter, r *http.Request, params dat
 		IPAddress: pqtype.Inet{
 			IPNet: net.IPNet{
 				IP:   ip,
-				Mask: ip.DefaultMask(),
+				Mask: net.CIDRMask(bitlen, bitlen),
 			},
 			Valid: true,
 		},