diff --git a/libraries/joomla/crypt/crypt.php b/libraries/joomla/crypt/crypt.php
index f2cb90cf26794..8f8af2e3aaf11 100644
--- a/libraries/joomla/crypt/crypt.php
+++ b/libraries/joomla/crypt/crypt.php
@@ -258,7 +258,8 @@ public static function genRandomBytes($length = 16)
 /**
 * A timing safe comparison method. This defeats hacking
 * attempts that use timing based attack vectors.
- *
+ * Length will leak.
+ *
 * @param string $known A known string to check against.
 * @param string $unknown An unknown string to check.
 *
@@ -268,6 +269,10 @@ public static function genRandomBytes($length = 16)
 */
 public static function timingSafeCompare($known, $unknown)
 {
+ if (function_exists('hash_equals')) {
+ return hash_equals((string) $known, (string) $unknown);
+ }
+
 // Prevent issues if string length is 0
 $known .= chr(0);
 $unknown .= chr(0);
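Review bot: The added docblock line `Length will leak.` does not say whose length is exposed or what a caller should do about it, and it sits directly under the summary with no separating comment line. A fuller wording such as `* Note: the length of the known string can still be inferred from timing, so only compare fixed-length values such as hashes or MACs.` gives the next maintainer the actual constraint. The docblock continues outside the hunk, so the `@return` and `@since` tags are not visible here.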
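Review bot: The `(string)` casts in the new `hash_equals()` branch turn `null`, `false` and `''` into the same empty string, so an unset or empty `$known` compares equal to an empty `$unknown` instead of failing closed. `hash_equals()` on its own refuses non-string arguments, and the casts remove that safeguard. If no caller depends on the coercion, a guard ahead of the branch such as `if (!is_string($known) || !is_string($unknown)) { return false; }` keeps the comparison strict on both paths. The fallback below appends `chr(0)` to both values and its remaining lines are outside the hunk, so whether it treats these inputs the same way cannot be confirmed from here.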