diff --git a/SampleApplications/SDK/Opc.Ua.Client/Session.cs b/SampleApplications/SDK/Opc.Ua.Client/Session.cs
index 2b8bd987b..276d3f741 100644
--- a/SampleApplications/SDK/Opc.Ua.Client/Session.cs
+++ b/SampleApplications/SDK/Opc.Ua.Client/Session.cs
@@ -316,7 +316,7 @@ private void ValidateServerNonce(IUserIdentity identity, byte[] serverNonce, str
             if (identity!= null && identity.TokenType != UserTokenType.Anonymous)
             {
                 // the server nonce should be validated if the token includes a secret.
-                if (!Utils.Nonce.ValidateNonce(serverNonce, MessageSecurityMode.SignAndEncrypt, securityPolicyUri))
+                if (!Utils.Nonce.ValidateNonce(serverNonce, MessageSecurityMode.SignAndEncrypt, (uint)m_configuration.SecurityConfiguration.NonceLength))
                 {
                     throw ServiceResultException.Create(StatusCodes.BadNonceInvalid, "Server nonce is not the correct length or not random enough.");
                 }
diff --git a/Stack/Opc.Ua.Core/Types/Utils/Utils.cs b/Stack/Opc.Ua.Core/Types/Utils/Utils.cs
index 411d0fc9e..ae13f295d 100644
--- a/Stack/Opc.Ua.Core/Types/Utils/Utils.cs
+++ b/Stack/Opc.Ua.Core/Types/Utils/Utils.cs
@@ -2664,6 +2664,14 @@ public static uint GetNonceLength(string securityPolicyUri)
             /// Validates the nonce for a message security mode and security policy.
             /// </summary>
             public static bool ValidateNonce(byte[] nonce, MessageSecurityMode securityMode, string securityPolicyUri)
+            {
+                return ValidateNonce(nonce, securityMode, GetNonceLength(securityPolicyUri));
+            }
+
+            /// <summary>
+            /// Validates the nonce for a message security mode and a minimum length.
+            /// </summary>
+            public static bool ValidateNonce(byte[] nonce, MessageSecurityMode securityMode, uint minNonceLength)
             {
                 // no nonce needed for no security.
                 if (securityMode == MessageSecurityMode.None)
@@ -2672,7 +2680,7 @@ public static bool ValidateNonce(byte[] nonce, MessageSecurityMode securityMode,
                 }
 
                 // check the length.
-                if (nonce == null || nonce.Length < GetNonceLength(securityPolicyUri))
+                if (nonce == null || nonce.Length < minNonceLength)
                 {
                     return false;
                 }