diff --git a/cmd/accountkey.go b/cmd/accountkey.go
index bf76693..7fd7702 100644
--- a/cmd/accountkey.go
+++ b/cmd/accountkey.go
@@ -55,7 +55,7 @@ In quiet mode this will return 0 if the key can be obtained, otherwise 1.`,
 				}
 			}
 			assert(unlocked, "Failed to unlock account to obtain private key")
-			defer errCheck(locker.Lock(context.Background()), "failed to re-lock account")
+			defer relockAccount(locker)
 		}
 		privateKey, err := privateKeyProvider.PrivateKey(ctx)
 		errCheck(err, "Failed to obtain private key")
diff --git a/cmd/root.go b/cmd/root.go
index 9840896..4fcd0b0 100644
--- a/cmd/root.go
+++ b/cmd/root.go
@@ -272,7 +272,7 @@ func accountFromPath(ctx context.Context, path string) (e2wtypes.Account, error)
 			if err != nil {
 				return nil, errors.New("invalid wallet passphrase")
 			}
-			defer errCheck(locker.Lock(context.Background()), "failed to re-lock account")
+			defer relockAccount(locker)
 		}
 	}
 
@@ -403,3 +403,8 @@ func openNamedWallet(walletName string) (e2wtypes.Wallet, error) {
 	}
 	return walletFromPath(walletName)
 }
+
+// relockAccount locks an account; generally called as a defer after an account is unlocked.
+func relockAccount(locker e2wtypes.AccountLocker) {
+	errCheck(locker.Lock(context.Background()), "failed to re-lock account")
+}