diff --git a/cmd/lock-rpc-server-common.go b/cmd/lock-rpc-server-common.go
index eee2f6246..716028de6 100644
--- a/cmd/lock-rpc-server-common.go
+++ b/cmd/lock-rpc-server-common.go
@@ -58,9 +58,11 @@ func (l *lockServer) removeEntry(name, uid string, lri *[]lockRequesterInfo) boo
 }
 
 // Validate lock args.
+// - validate time stamp.
+// - validate jwt token.
 func (l *lockServer) validateLockArgs(args *LockArgs) error {
 	curTime := time.Now().UTC()
-	if curTime.Sub(args.Timestamp) > globalMaxSkewTime {
+	if curTime.Sub(args.Timestamp) > globalMaxSkewTime || args.Timestamp.Sub(curTime) > globalMaxSkewTime {
 		return errServerTimeMismatch
 	}
 	if !isRPCTokenValid(args.Token) {