diff --git a/core/rtmp/utils.go b/core/rtmp/utils.go
index 8e0a67f32..3c0614601 100644
--- a/core/rtmp/utils.go
+++ b/core/rtmp/utils.go
@@ -1,6 +1,7 @@
 package rtmp
 
 import (
+	"crypto/subtle"
 	"encoding/json"
 	"errors"
 	"fmt"
@@ -89,5 +90,7 @@ func secretMatch(configStreamKey string, path string) bool {
 	}
 
 	streamingKey := path[len(prefix):] // Remove $prefix
-	return streamingKey == configStreamKey
+
+	matches := subtle.ConstantTimeCompare([]byte(streamingKey), []byte(configStreamKey)) == 1
+	return matches
 }