diff --git a/src/eapol.c b/src/eapol.c
index e839f08a..2c3de1b7 100644
--- a/src/eapol.c
+++ b/src/eapol.c
@@ -47,6 +47,7 @@
 struct l_queue *state_machines;
 struct l_queue *preauths;
 struct watchlist frame_watches;
+static uint32_t eapol_4way_handshake_time = 2;
 
 eapol_deauthenticate_func_t deauthenticate = NULL;
 eapol_rekey_offload_func_t rekey_offload = NULL;
@@ -1839,7 +1840,8 @@ bool eapol_start(struct eapol_sm *sm)
 	sm->started = true;
 
 	if (sm->require_handshake)
-		sm->timeout = l_timeout_create(2, eapol_timeout, sm, NULL);
+		sm->timeout = l_timeout_create(eapol_4way_handshake_time,
+				eapol_timeout, sm, NULL);
 
 	if (sm->use_eapol_start) {
 		/*
@@ -2149,6 +2151,13 @@ void __eapol_rx_packet(uint32_t ifindex, const uint8_t *src, uint16_t proto,
 					(const struct eapol_frame *) eh);
 }
 
+void __eapol_set_config(struct l_settings *config)
+{
+	if (!l_settings_get_uint(config, "EAPoL",
+			"max_4way_handshake_time", &eapol_4way_handshake_time))
+		eapol_4way_handshake_time = 2;
+}
+
 bool eapol_init()
 {
 	state_machines = l_queue_new();
diff --git a/src/eapol.h b/src/eapol.h
index e5144030..ebc73722 100644
--- a/src/eapol.h
+++ b/src/eapol.h
@@ -184,6 +184,7 @@ void __eapol_set_deauthenticate_func(eapol_deauthenticate_func_t func);
 void __eapol_set_rekey_offload_func(eapol_rekey_offload_func_t func);
 void __eapol_update_replay_counter(uint32_t ifindex, const uint8_t *spa,
 				const uint8_t *aa, uint64_t replay_counter);
+void __eapol_set_config(struct l_settings *config);
 
 struct eapol_sm *eapol_sm_new(struct handshake_state *hs);
 void eapol_sm_free(struct eapol_sm *sm);