diff --git a/index.js b/index.js
index a3ad53d..535c8b0 100644
--- a/index.js
+++ b/index.js
@@ -82,7 +82,7 @@ hotp.verify = function(token, key, opt) {
  // Now loop through from C to C + W to determine if there is
  // a correct code
- for(var i = counter; i <= counter + window; ++i) {
+ for(var i = counter - window; i <= counter + window; ++i) {
  opt.counter = i;
  if(this.gen(key, opt) === token) {
  // We have found a matching code, trigger callback
diff --git a/test/notp.js b/test/notp.js
index 8843ab2..bd20e80 100644
--- a/test/notp.js
+++ b/test/notp.js
@@ -132,6 +132,12 @@ exports.testHOTPOutOfSync = function(beforeExit, assert) {
  // counterheck that the test should pass for window >= 9
  opt.window = 8;
  assert.ok(notp.hotp.verify(token, key, opt), 'Should pass for value of window >= 9');
+
+ // counterheck that test should pass for negative counter values
+ token = '755224';
+ opt.counter = 7
+ opt.window = 8;
+ assert.ok(notp.hotp.verify(token, key, opt), 'Should pass for negative counter values');
  };
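Review bot: In the index.js hunk, starting the loop at `counter - window` makes `hotp.verify` accept codes for counters below the caller's current one, so an HOTP code already used or observed within the last `window` steps validates again. RFC 4226 keeps the look-ahead window forward-only for this reason. The accepted set also grows from window+1 to 2·window+1 codes per attempt, and when `counter < window` the loop hands negative counters to `this.gen`, whose handling of them is not visible here. If the look-behind is meant for a clock-drift use case, I would keep forward-only as the default for counter-based callers and at least clamp the backward range, e.g. `for(var i = Math.max(0, counter - window); i <= counter + window; ++i) {`, with a comment that callers must reject any counter at or below the last accepted one. The body of `hotp.verify` starts and ends outside the hunk.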
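Review bot: The case added in test/notp.js only asserts acceptance, so nothing pins the lower edge of the new range; a companion check that the same token is rejected just outside it is missing, e.g. `opt.counter = 9; opt.window = 8;` followed by `assert.ok(!notp.hotp.verify(token, key, opt), 'Should fail below counter - window');`. That example assumes `755224` is the code for counter 0, which cannot be confirmed because the key is set outside the hunk. The message 'negative counter values' is also misleading: with `opt.counter = 7` and `opt.window = 8` only the first iteration (i = -1) is negative and the match presumably happens at a non-negative counter, so the test really covers accepting an older code, which is the behaviour worth naming. Finally, `opt.counter = 7` is missing its semicolon, unlike the surrounding statements.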