diff --git a/sign.js b/sign.js
index 64be342..e8fed68 100644
--- a/sign.js
+++ b/sign.js
@@ -66,6 +66,9 @@ module.exports = function (payload, secretOrPrivateKey, options, callback) {
 throw err;
 }
+ if (!secretOrPrivateKey) {
+ return failure(new Error('secretOrPrivateKey must have a value'));
+ }
 if (typeof payload === 'undefined') {
 return failure(new Error('payload is required'));
diff --git a/test/async_sign.tests.js b/test/async_sign.tests.js
index aec806f..544bd1d 100644
--- a/test/async_sign.tests.js
+++ b/test/async_sign.tests.js
@@ -63,5 +63,19 @@ describe('signing a token asynchronously', function() {
 done();
 });
 });
+
+ describe('secret must have a value', function(){
+ [undefined, '', 0].forEach(function(secret){
+ it('should return an error if the secret is falsy: ' + (typeof secret === 'string' ? '(empty string)' : secret), function(done) {
+ // This is needed since jws will not answer for falsy secrets
+ jwt.sign('string', secret, {}, function(err, token) {
+ expect(err).to.be.exist();
+ expect(err.message).to.equal('secretOrPrivateKey must have a value');
+ expect(token).to.not.exist;
+ done();
+ });
+ });
+ });
+ });
 });
 });
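Review bot: The new guard `if (!secretOrPrivateKey)` rejects only falsy values, so truthy non-key values such as `true`, a non-zero number or `{}` still reach the signer; if only strings, buffers and key objects are meant to be accepted, a type check here would fail closed instead of relying on the downstream library. The reason for the guard is stated only in the test file, so I would add a comment above the check, e.g. `// jws never answers when the secret is falsy, so reject it here`. The guard also runs before anything in `options` is consulted within this hunk, so if unsigned tokens (`algorithm: 'none'`) are supported elsewhere in the function they would now need a dummy secret, which is worth confirming and documenting. The function body starts and ends outside the hunk.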
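Review bot: `expect(err).to.be.exist();` calls `exist` as a function while `expect(token).to.not.exist;` two lines later uses it as a property; whether the callable form asserts anything depends on the chai version or plugins in use, so I would use the property form for both, `expect(err).to.exist;`. The falsy list `[undefined, '', 0]` leaves out `null`, a common value for an unset secret, and could read `[undefined, null, '', 0]`. Only the callback form is exercised here; the synchronous path, where `failure` throws, may be covered elsewhere but is not tested in this commit.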