diff --git a/keys.c b/keys.c
index 0fc9d4e..4af7eb6 100644
--- a/keys.c
+++ b/keys.c
@@ -198,9 +198,6 @@ KEY_Reload(void)
       continue;
     }
 
-    if (key.len < MIN_SECURE_KEY_LENGTH)
-      LOG(LOGS_WARN, LOGF_Keys, "Key %"PRIu32" is too short", key_id);
-
     key.id = key_id;
     key.val = MallocArray(char, key.len);
     memcpy(key.val, keyval, key.len);
@@ -295,6 +292,21 @@ KEY_GetAuthDelay(uint32_t key_id)
 
 /* ================================================== */
 
+int
+KEY_CheckKeyLength(uint32_t key_id)
+{
+  Key *key;
+
+  key = get_key_by_id(key_id);
+
+  if (!key)
+    return 0;
+
+  return key->len >= MIN_SECURE_KEY_LENGTH;
+}
+
+/* ================================================== */
+
 int
 KEY_GenerateAuth(uint32_t key_id, const unsigned char *data, int data_len,
     unsigned char *auth, int auth_len)
diff --git a/keys.h b/keys.h
index e6e51aa..65536cf 100644
--- a/keys.h
+++ b/keys.h
@@ -37,6 +37,7 @@ extern void KEY_Reload(void);
 extern int KEY_GetKey(uint32_t key_id, char **key, int *len);
 extern int KEY_KeyKnown(uint32_t key_id);
 extern int KEY_GetAuthDelay(uint32_t key_id);
+extern int KEY_CheckKeyLength(uint32_t key_id);
 
 extern int KEY_GenerateAuth(uint32_t key_id, const unsigned char *data,
     int data_len, unsigned char *auth, int auth_len);
diff --git a/ntp_core.c b/ntp_core.c
index 8428642..4087c98 100644
--- a/ntp_core.c
+++ b/ntp_core.c
@@ -497,8 +497,13 @@ NCR_GetInstance(NTP_Remote_Address *remote_addr, NTP_Source_Type type, SourcePar
     result->do_auth = 1;
     result->auth_key_id = params->authkey;
     if (!KEY_KeyKnown(result->auth_key_id)) {
-      LOG(LOGS_WARN, LOGF_NtpCore, "Source %s added with unknown key %"PRIu32,
-          UTI_IPToString(&result->remote_addr.ip_addr), result->auth_key_id);
+      LOG(LOGS_WARN, LOGF_NtpCore, "Key %"PRIu32" used by source %s is %s",
+          result->auth_key_id, UTI_IPToString(&result->remote_addr.ip_addr),
+          "missing");
+    } else if (!KEY_CheckKeyLength(result->auth_key_id)) {
+      LOG(LOGS_WARN, LOGF_NtpCore, "Key %"PRIu32" used by source %s is %s",
+          result->auth_key_id, UTI_IPToString(&result->remote_addr.ip_addr),
+          "too short");
     }
   }