diff --git a/plugins/constraint/delay.inc b/plugins/constraint/delay.inc
index 36b095a..efcb2fb 100644
--- a/plugins/constraint/delay.inc
+++ b/plugins/constraint/delay.inc
@@ -43,10 +43,9 @@ function password_policy_delay_constraint($password, $account, $constraint) {
 // To skip the delay constraint, the user must have logged in via a
 // one-time link and have the token in the URL.
- $pass_reset = isset($_SESSION['pass_reset_' . $account->uid]) && isset($_GET['pass-reset-token']) && ($_GET['pass-reset-token'] == $_SESSION['pass_reset_' . $account->uid]);
-
- // Don't apply constraint on password reset.
- if ($pass_reset) {
+ if (isset($_SESSION['pass_reset_' . $account->uid], $_GET['pass-reset-token'])
+ && ($_GET['pass-reset-token'] === $_SESSION['pass_reset_' . $account->uid])) {
+ // Don't apply constraint on password reset.
 return TRUE;
 }
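Review bot: The token check in the new `if` compares a secret with `===`, which is type-safe but not constant-time, and it does not constrain the type of `$_GET['pass-reset-token']` (a `pass-reset-token[]=` query string delivers an array). I would write the second condition as `&& is_string($_GET['pass-reset-token']) && hash_equals((string) $_SESSION['pass_reset_' . $account->uid], $_GET['pass-reset-token'])) {`, provided the minimum supported PHP version has `hash_equals()` (5.6 or later). The practical exposure looks small because the expected value sits in the requester's own session, but this branch switches the delay constraint off, so it deserves the same handling as any other credential comparison. The function body starts and ends outside the hunk, so whether the `pass_reset_` session key is cleared once the reset completes cannot be confirmed from here.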