diff --git a/pam_goatherd.c b/pam_goatherd.c
index 06a50a9c6baf808bab93e83fc7f3aa2a1a4d7989..56199ba5885052ebe8f0bddb04f3592e4015bc48 100644
--- a/pam_goatherd.c
+++ b/pam_goatherd.c
@@ -198,7 +198,8 @@ static int check_hotp(struct cfg cfg, size_t n_server, const char *user, const c
         goto bye;
     }
 
-    char buf[5];
+    // str_fail is the biggest expected response string
+    char buf[sizeof(str_fail)];
     ssize_t recvd;
     if ((recvd = gnutls_record_recv(session, &buf, sizeof(buf) - 1)) < 0)
     {
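Review bot: The new size of `buf` is only right if `str_fail` is declared as a char array; if it is a `const char *`, `sizeof(str_fail)` is the pointer size and the buffer is big enough only by accident. The declaration is outside this hunk, so please confirm it. Consider backing the comment's "biggest expected response" claim with a `_Static_assert` that compares `sizeof(str_fail)` against the other response strings, so that a longer reply added later cannot be silently truncated. Because this read feeds a PAM authentication decision, the code after the `gnutls_record_recv` call (not visible here) should treat a return of 0 or a short read as failure and compare the whole response rather than a prefix. As a style point, passing `buf` instead of `&buf` is the more conventional spelling.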