diff --git a/plugins/AuthCrypt/AuthCryptPlugin.php b/plugins/AuthCrypt/AuthCryptPlugin.php
index b213e0483c..0f3e7a6f71 100644
--- a/plugins/AuthCrypt/AuthCryptPlugin.php
+++ b/plugins/AuthCrypt/AuthCryptPlugin.php
@@ -52,6 +52,13 @@ class AuthCryptPlugin extends AuthenticationPlugin
 return false;
 }
 
+ // Timing safe password verification on supported PHP versions
+ if (function_exists('password_verify')) {
+ if (password_verify($password, $user->password)) {
+ return $user;
+ }
+ }
+
 // crypt understands what the salt part of $user->password is
 if ($user->password === crypt($password, $user->password)) {
 return $user;
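Review bot: The legacy `$user->password === crypt($password, $user->password)` check below the new block is still reached whenever `password_verify()` returns false, so every failed login on a supported PHP version runs crypt() a second time and ends in the non-constant-time `===` comparison this commit sets out to avoid. As far as I can tell `password_verify()` performs the same crypt() computation against the stored hash, so the fallback cannot succeed where it failed and is only needed when the function is missing. I would gate it, e.g. `if (!function_exists('password_verify') && $user->password === crypt($password, $user->password)) {`, and extend its comment to say that this is the legacy, timing-unsafe path. The enclosing method starts and ends outside this hunk, so any later handling of `$user->password` is not visible here.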