diff --git a/Cargo.toml b/Cargo.toml
index b1f8bde..c0c90bd 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "clevis-pin-tpm2"
-version = "0.1.3"
+version = "0.1.4"
 description = "Clevis TPM2 PIN with policy support"
 authors = ["Patrick Uiterwijk "]
 edition = "2018"
diff --git a/src/cli.rs b/src/cli.rs
index b861ed9..353c6cc 100644
--- a/src/cli.rs
+++ b/src/cli.rs
@@ -184,12 +184,12 @@ pub(super) fn get_mode_and_cfg(
 if atty::is(atty::Stream::Stdin) {
 return Ok((ActionMode::Help, None));
 }
- let (mode, cfgstr) = if args[0].contains("encrypt") && args.len() == 2 {
+ let (mode, cfgstr) = if args[0].contains("encrypt") && args.len() >= 2 {
 (ActionMode::Encrypt, Some(&args[1]))
 } else if args[0].contains("decrypt") {
 (ActionMode::Decrypt, None)
 } else if args.len() > 1 {
- if args[1] == "encrypt" && args.len() == 3 {
+ if args[1] == "encrypt" && args.len() >= 3 {
 (ActionMode::Encrypt, Some(&args[2]))
 } else if args[1] == "decrypt" {
 (ActionMode::Decrypt, None)
diff --git a/tests/test_pcr b/tests/test_pcr
index 31f1f0d..c5a86bb 100755
--- a/tests/test_pcr
+++ b/tests/test_pcr
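Review bot: In the src/cli.rs hunk, relaxing both length checks to `>=` makes the encrypt paths accept and silently discard any number of trailing arguments, not only the single `''` or `-y` that the new tests attribute to Clevis v15. For a pin that seals secrets, a misplaced policy argument would then be ignored instead of rejected, so the extra slot is worth validating, e.g. `args.len() == 3 || (args.len() == 4 && (args[3].is_empty() || args[3] == "-y"))` in the subcommand branch and the same shape with `2`/`3` in the `args[0]` branch. The first branch also now wins whenever `args[0]` merely contains "encrypt" and a subcommand follows, so the literal `encrypt` is taken as the config; assuming `args[0]` carries the invocation path, matching on its file name rather than the whole string would avoid that. The body of `get_mode_and_cfg` starts and ends outside the hunk.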
@@ -5,6 +5,10 @@
 ln -s clevis-pin-tpm2 target/debug/clevis-encrypt-tpm2plus
 ln -s clevis-pin-tpm2 target/debug/clevis-decrypt-tpm2plus
 echo "Working: no sealing" | ./target/debug/clevis-pin-tpm2 encrypt '{}' | ./target/debug/clevis-pin-tpm2 decrypt || (echo "Failed: no sealing"; exit 1)
+# This tests we can handle the extra argument (either empty string or -y) from Clevis v15
+# https://github.com/latchset/clevis/commit/36fae7c2dbf030d6c74abaed945db7bf3c25d054
+echo "Working: no sealing (clevis v15, empty)" | ./target/debug/clevis-pin-tpm2 encrypt '{}' '' | ./target/debug/clevis-pin-tpm2 decrypt || (echo "Failed: no sealing"; exit 1)
+echo "Working: no sealing (clevis v15, -y)" | ./target/debug/clevis-pin-tpm2 encrypt '{}' '-y' | ./target/debug/clevis-pin-tpm2 decrypt || (echo "Failed: no sealing"; exit 1)
 echo "Working: no sealing (clevis decrypt)" | ./target/debug/clevis-pin-tpm2 encrypt '{}' | clevis decrypt || (echo "Failed: no sealing (clevis decrypt)"; exit 1)
 echo "Working: no sealing (clevis encrypt)" | clevis encrypt tpm2 '{}' | ./target/debug/clevis-pin-tpm2 decrypt || (echo "Failed: no sealing (clevis encrypt)"; exit 1)
 echo "Working: no sealing (renamed encrypt)" | ./target/debug/clevis-encrypt-tpm2plus '{}' | ./target/debug/clevis-pin-tpm2 decrypt || (echo "Failed: no sealing"; exit 1)
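Review bot: The two added cases only drive the `clevis-pin-tpm2 encrypt` subcommand form, so the relaxed `args[0].contains("encrypt")` branch in src/cli.rs is never exercised with the extra argument; a case that pipes through `./target/debug/clevis-encrypt-tpm2plus '{}' ''` would cover it. Both new lines also reuse the failure text `Failed: no sealing`, so a failure cannot be told apart from the first test; `Failed: no sealing (clevis v15, empty)` and `Failed: no sealing (clevis v15, -y)` would match the labels used on the input side. A negative case that expects a non-zero exit for an unexpected extra argument would document what the parser is meant to reject.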