diff --git a/browser.js b/browser.js
index f09ad9d..405bd8e 100644
--- a/browser.js
+++ b/browser.js
@@ -21,7 +21,7 @@ function pbkdf2 (password, salt, iterations, keylen, digest, callback) {
   })
 }
 
-function checkParameters(iterations, keylen) {
+function checkParameters (iterations, keylen) {
   if (typeof iterations !== 'number') {
     throw new TypeError('Iterations not a number')
   }
@@ -34,7 +34,7 @@ function checkParameters(iterations, keylen) {
     throw new TypeError('Key length not a number')
   }
 
-  if (keylen < 0 || keylen > MAX_ALLOC) {
+  if (keylen < 0 || keylen > MAX_ALLOC || isNaN(keylen)) {
     throw new TypeError('Bad key length')
   }
 }
diff --git a/index.js b/index.js
index ad86119..aa6de6c 100644
--- a/index.js
+++ b/index.js
@@ -18,7 +18,7 @@ function asyncPBKDF2 (password, salt, iterations, keylen, digest, callback) {
     throw new TypeError('Key length not a number')
   }
 
-  if (keylen < 0 || keylen > MAX_ALLOC) {
+  if (keylen < 0 || keylen > MAX_ALLOC || isNaN(keylen)) {
     throw new TypeError('Bad key length')
   }
 
diff --git a/test/index.js b/test/index.js
index de2363b..595cc4a 100644
--- a/test/index.js
+++ b/test/index.js
@@ -3,6 +3,20 @@ var compatNode = require('../')
 var compatBrowser = require('../browser')
 var fixtures = require('./fixtures')
 
+fixtures.invalid.push({
+  "key": "password",
+  "salt": "salt",
+  "iterations": 1,
+  "dkLen": NaN,
+  "exception": "Bad key length"
+}, {
+  "key": "password",
+  "salt": "salt",
+  "iterations": 1,
+  "dkLen": Infinity,
+  "exception": "Bad key length"
+})
+
 // SHA-1 vectors generated by Node.js
 // SHA-256/SHA-512 test vectors from:
 // https://stackoverflow.com/questions/5130513/pbkdf2-hmac-sha2-test-vectors