diff --git a/main/inc/lib/api.lib.php b/main/inc/lib/api.lib.php
index 1648fefcb8..9b9eb8f2eb 100644
--- a/main/inc/lib/api.lib.php
+++ b/main/inc/lib/api.lib.php
@@ -6838,7 +6838,11 @@ function api_is_in_group($groupIdParam = null, $courseCodeParam = null)
  */
 function api_is_valid_secret_key($original_key_secret, $security_key)
 {
-    return $original_key_secret == sha1($security_key);
+    if (empty($original_key_secret) || empty($security_key)) {
+        return false;
+    }
+
+    return $original_key_secret === sha1($security_key);
 }
 
 /**