diff --git a/Crypto/BCrypt.hs b/Crypto/BCrypt.hs
--- a/Crypto/BCrypt.hs
+++ b/Crypto/BCrypt.hs
@@ -26,6 +26,7 @@
 import qualified Data.ByteString.Unsafe as BS
 import qualified System.IO.Unsafe as U
 import Control.Monad
+import Data.ByteArray (constEq)
 import System.Entropy
 
 foreign import ccall "crypt_ra" c_crypt_ra :: CString -> CString -> Ptr CString -> Ptr CInt -> IO CString
@@ -82,7 +83,7 @@
   case hashPassword pw h
     of
       Nothing -> False
-      Just h2 -> h2 == h
+      Just h2 -> h2 `constEq` h
 
 -- | A policy that allows passwords to be hashed reasonably quickly, but for that
 --   reason isn't suitable for high security applications.
@@ -158,4 +159,3 @@
 genSaltUsingPolicy (HashingPolicy hc ha) = do
   ent <- getEntropy 16
   return $ genSalt ha hc ent
-
diff --git a/bcrypt.cabal b/bcrypt.cabal
--- a/bcrypt.cabal
+++ b/bcrypt.cabal
@@ -1,5 +1,5 @@
 Name: bcrypt
-Version: 0.0.6
+Version: 0.0.7
 Cabal-Version: >= 1.6
 Build-Type: Simple
 License: BSD3
@@ -23,7 +23,8 @@
   c-sources: csrc/crypt_blowfish.c csrc/crypt_blowfish_wrapper.c csrc/crypt_gensalt.c
   build-depends: bytestring >= 0.9,
                  entropy < 0.4,
-                 base >= 3 && < 5
+                 base >= 3 && < 5,
+                 memory >= 0.1 && < 1.0
 
 source-repository head
   type: git
