diff --git a/freestyle.c b/freestyle.c
index 8ddaeed..6ee2afd 100644
--- a/freestyle.c
+++ b/freestyle.c
@@ -109,11 +109,11 @@ static void freestyle_ivsetup (
 	const	u8*		const iv,
 	const	u32		counter)
 {
-	x->input[COUNTER] = counter;
+	x->input[COUNTER]	= counter;
 
-	x->input[IV0] = U8TO32_LITTLE(iv + 0);
-	x->input[IV1] = U8TO32_LITTLE(iv + 4);
-	x->input[IV2] = U8TO32_LITTLE(iv + 8);
+	x->input[IV0]		= U8TO32_LITTLE(iv + 0);
+	x->input[IV1]		= U8TO32_LITTLE(iv + 4);
+	x->input[IV2]		= U8TO32_LITTLE(iv + 8);
 }
 
 static void freestyle_roundsetup (
@@ -889,6 +889,16 @@ void freestyle_hash_password_with_pepper (
 	);
 }
 
+static bool safe_bcmp (const u8 *a, const u8 *b, const size_t length)
+{
+	u8 diff = 0;
+
+	for (size_t i = 0; i < length; ++i)
+		diff |= (a[i] ^ b[i]);
+
+	return diff;
+}
+
 bool freestyle_verify_password_hash (
 	const	char*		const password,
 	const	u8*		const salt,
@@ -961,5 +971,5 @@ bool freestyle_verify_password_hash (
 		&expected_hash
 	);
 
-	return (0 == memcmp(plaintext,salt,hash_len));
+	return (0 == safe_bcmp(plaintext,salt,hash_len));
 }
diff --git a/optimized/8-32/freestyle.c b/optimized/8-32/freestyle.c
index 2e83462..7397f72 100644
--- a/optimized/8-32/freestyle.c
+++ b/optimized/8-32/freestyle.c
@@ -1142,6 +1142,16 @@ void freestyle_hash_password_with_pepper (
 	);
 }
 
+static bool safe_bcmp (const u8 *a, const u8 *b, const size_t length)
+{
+	u8 diff = 0;
+
+	for (size_t i = 0; i < length; ++i)
+		diff |= (a[i] ^ b[i]);
+
+	return diff;
+}
+
 bool freestyle_verify_password_hash (
 	const	char*		const password,
 	const	u8*		const salt,
@@ -1216,5 +1226,5 @@ bool freestyle_verify_password_hash (
 		&expected_hash
 	);
 
-	return (0 == memcmp(plaintext,salt,hash_len));
+	return (0 == safe_bcmp(plaintext,salt,hash_len));
 }
diff --git a/optimized/merged/freestyle.c b/optimized/merged/freestyle.c
index 165545a..fe0d6c0 100644
--- a/optimized/merged/freestyle.c
+++ b/optimized/merged/freestyle.c
@@ -1127,6 +1127,16 @@ void freestyle_hash_password_with_pepper (
 	);
 }
 
+static bool safe_bcmp (const u8 *a, const u8 *b, const size_t length)
+{
+	u8 diff = 0;
+
+	for (size_t i = 0; i < length; ++i)
+		diff |= (a[i] ^ b[i]);
+
+	return diff;
+}
+
 bool freestyle_verify_password_hash (
 	const	char*		const password,
 	const	u8*		const salt,
@@ -1201,5 +1211,5 @@ bool freestyle_verify_password_hash (
 		&expected_hash
 	);
 
-	return (0 == memcmp(plaintext,salt,hash_len));
+	return (0 == safe_bcmp(plaintext,salt,hash_len));
 }
diff --git a/side-channel-attack-resistance/freestyle.c b/side-channel-attack-resistance/freestyle.c
index 26a31ba..13a2e6e 100644
--- a/side-channel-attack-resistance/freestyle.c
+++ b/side-channel-attack-resistance/freestyle.c
@@ -925,6 +925,16 @@ void freestyle_hash_password_with_pepper (
 	);
 }
 
+static bool safe_bcmp (const u8 *a, const u8 *b, const size_t length)
+{
+	u8 diff = 0;
+
+	for (size_t i = 0; i < length; ++i)
+		diff |= (a[i] ^ b[i]);
+
+	return diff;
+}
+
 bool freestyle_verify_password_hash (
 	const	char*		const password,
 	const	u8*		const salt,
@@ -997,5 +1007,5 @@ bool freestyle_verify_password_hash (
 		&expected_hash
 	);
 
-	return (0 == memcmp(plaintext,salt,hash_len));
+	return (0 == safe_bcmp(plaintext,salt,hash_len));
 }