diff --git a/.travis.yml b/.travis.yml
index 49014c87..38dffdbd 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -6,6 +6,8 @@ script: bundle exec rake
 rvm:
   - 2.1.8
   - 2.2.4
+  - 2.3.4
+  - 2.4.1
   - ruby-head
 matrix:
   allow_failures:
diff --git a/Gemfile.lock b/Gemfile.lock
index 2b50e3f2..c5537c94 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -3,58 +3,57 @@ PATH
   specs:
     devise_security_extension (0.10.0)
       devise (>= 3.0.0, < 5.0)
-      railties (>= 3.2.6, < 6.0)
+      rails (>= 4.2.8, < 6.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actionmailer (4.2.6)
-      actionpack (= 4.2.6)
-      actionview (= 4.2.6)
-      activejob (= 4.2.6)
+    actionmailer (4.2.8)
+      actionpack (= 4.2.8)
+      actionview (= 4.2.8)
+      activejob (= 4.2.8)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 1.0, >= 1.0.5)
-    actionpack (4.2.6)
-      actionview (= 4.2.6)
-      activesupport (= 4.2.6)
+    actionpack (4.2.8)
+      actionview (= 4.2.8)
+      activesupport (= 4.2.8)
       rack (~> 1.6)
       rack-test (~> 0.6.2)
       rails-dom-testing (~> 1.0, >= 1.0.5)
       rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (4.2.6)
-      activesupport (= 4.2.6)
+    actionview (4.2.8)
+      activesupport (= 4.2.8)
       builder (~> 3.1)
       erubis (~> 2.7.0)
       rails-dom-testing (~> 1.0, >= 1.0.5)
-      rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    activejob (4.2.6)
-      activesupport (= 4.2.6)
+      rails-html-sanitizer (~> 1.0, >= 1.0.3)
+    activejob (4.2.8)
+      activesupport (= 4.2.8)
       globalid (>= 0.3.0)
-    activemodel (4.2.6)
-      activesupport (= 4.2.6)
+    activemodel (4.2.8)
+      activesupport (= 4.2.8)
       builder (~> 3.1)
-    activerecord (4.2.6)
-      activemodel (= 4.2.6)
-      activesupport (= 4.2.6)
+    activerecord (4.2.8)
+      activemodel (= 4.2.8)
+      activesupport (= 4.2.8)
       arel (~> 6.0)
-    activesupport (4.2.6)
+    activesupport (4.2.8)
       i18n (~> 0.7)
-      json (~> 1.7, >= 1.7.7)
       minitest (~> 5.1)
       thread_safe (~> 0.3, >= 0.3.4)
       tzinfo (~> 1.1)
-    arel (6.0.3)
+    arel (6.0.4)
     ast (2.3.0)
     bcrypt (3.1.11)
-    builder (3.2.2)
-    concurrent-ruby (1.0.2)
+    builder (3.2.3)
+    concurrent-ruby (1.0.5)
     coveralls (0.8.13)
       json (~> 1.8)
       simplecov (~> 0.11.0)
       term-ansicolor (~> 1.3)
       thor (~> 0.19.1)
       tins (~> 1.6.0)
-    devise (4.2.0)
+    devise (4.2.1)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0, < 5.1)
@@ -70,10 +69,10 @@ GEM
       simplecov (>= 0.3.8)
       yard (>= 0.7.0)
     erubis (2.7.0)
-    globalid (0.3.6)
+    globalid (0.3.7)
       activesupport (>= 4.1.0)
-    i18n (0.7.0)
-    json (1.8.3)
+    i18n (0.8.1)
+    json (1.8.6)
     loofah (2.0.3)
       nokogiri (>= 1.5.9)
     mail (2.6.4)
@@ -82,47 +81,45 @@ GEM
       mime-types-data (~> 3.2015)
     mime-types-data (3.2016.0521)
     mini_portile2 (2.1.0)
-    minitest (5.9.0)
-    nokogiri (1.6.8)
+    minitest (5.10.1)
+    nokogiri (1.7.1)
       mini_portile2 (~> 2.1.0)
-      pkg-config (~> 1.1.7)
     orm_adapter (0.5.0)
     parser (2.3.1.2)
       ast (~> 2.2)
-    pkg-config (1.1.7)
     powerpack (0.1.1)
-    rack (1.6.4)
+    rack (1.6.5)
     rack-test (0.6.3)
       rack (>= 1.0)
-    rails (4.2.6)
-      actionmailer (= 4.2.6)
-      actionpack (= 4.2.6)
-      actionview (= 4.2.6)
-      activejob (= 4.2.6)
-      activemodel (= 4.2.6)
-      activerecord (= 4.2.6)
-      activesupport (= 4.2.6)
+    rails (4.2.8)
+      actionmailer (= 4.2.8)
+      actionpack (= 4.2.8)
+      actionview (= 4.2.8)
+      activejob (= 4.2.8)
+      activemodel (= 4.2.8)
+      activerecord (= 4.2.8)
+      activesupport (= 4.2.8)
       bundler (>= 1.3.0, < 2.0)
-      railties (= 4.2.6)
+      railties (= 4.2.8)
       sprockets-rails
     rails-deprecated_sanitizer (1.0.3)
       activesupport (>= 4.2.0.alpha)
-    rails-dom-testing (1.0.7)
+    rails-dom-testing (1.0.8)
       activesupport (>= 4.2.0.beta, < 5.0)
-      nokogiri (~> 1.6.0)
+      nokogiri (~> 1.6)
       rails-deprecated_sanitizer (>= 1.0.1)
     rails-html-sanitizer (1.0.3)
       loofah (~> 2.0)
     rails_email_validator (0.1.4)
       activemodel (>= 3.0.0)
-    railties (4.2.6)
-      actionpack (= 4.2.6)
-      activesupport (= 4.2.6)
+    railties (4.2.8)
+      actionpack (= 4.2.8)
+      activesupport (= 4.2.8)
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
     rainbow (2.1.0)
-    rake (11.2.2)
-    responders (2.2.0)
+    rake (12.0.0)
+    responders (2.3.0)
       railties (>= 4.2.0, < 5.1)
     rmagick (2.15.4)
     rspec-core (3.4.4)
@@ -154,23 +151,23 @@ GEM
       json (~> 1.8)
       simplecov-html (~> 0.10.0)
     simplecov-html (0.10.0)
-    sprockets (3.6.0)
+    sprockets (3.7.1)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
-    sprockets-rails (3.0.4)
+    sprockets-rails (3.2.0)
       actionpack (>= 4.0)
       activesupport (>= 4.0)
       sprockets (>= 3.0.0)
     sqlite3 (1.3.11)
     term-ansicolor (1.3.2)
       tins (~> 1.0)
-    thor (0.19.1)
-    thread_safe (0.3.5)
+    thor (0.19.4)
+    thread_safe (0.3.6)
     tins (1.6.0)
-    tzinfo (1.2.2)
+    tzinfo (1.2.3)
       thread_safe (~> 0.1)
     unicode-display_width (1.0.5)
-    warden (1.2.6)
+    warden (1.2.7)
       rack (>= 1.0)
     yard (0.8.7.6)
 
@@ -188,4 +185,4 @@ DEPENDENCIES
   sqlite3 (~> 1.3.10)
 
 BUNDLED WITH
-   1.12.5
+   1.14.6
diff --git a/devise_security_extension.gemspec b/devise_security_extension.gemspec
index eb985df3..a47616cb 100644
--- a/devise_security_extension.gemspec
+++ b/devise_security_extension.gemspec
@@ -20,7 +20,11 @@ Gem::Specification.new do |s|
   s.require_paths = ['lib']
   s.required_ruby_version = '>= 2.1.0'
 
-  s.add_runtime_dependency 'railties', '>= 3.2.6', '< 6.0'
+  if RUBY_VERSION >= '2.4'
+    s.add_runtime_dependency 'rails', '>= 4.2.8', '< 6.0'
+  else
+    s.add_runtime_dependency 'railties', '>= 3.2.6', '< 6.0'
+  end
   s.add_runtime_dependency 'devise', '>= 3.0.0', '< 5.0'
   s.add_development_dependency 'bundler', '>= 1.3.0', '< 2.0'
   s.add_development_dependency 'sqlite3', '~> 1.3.10'
diff --git a/lib/devise_security_extension/models/password_archivable.rb b/lib/devise_security_extension/models/password_archivable.rb
index 3913cfd8..a5e4e84d 100644
--- a/lib/devise_security_extension/models/password_archivable.rb
+++ b/lib/devise_security_extension/models/password_archivable.rb
@@ -16,7 +16,7 @@ def validate_password_archive
 
       # validate is the password used in the past
       def password_archive_included?
-        unless deny_old_passwords.is_a? Fixnum
+        unless deny_old_passwords.is_a? 1.class
           if deny_old_passwords.is_a? TrueClass and archive_count > 0
             self.deny_old_passwords = archive_count
           else
diff --git a/lib/devise_security_extension/models/password_expirable.rb b/lib/devise_security_extension/models/password_expirable.rb
index 95184ded..a957aed2 100644
--- a/lib/devise_security_extension/models/password_expirable.rb
+++ b/lib/devise_security_extension/models/password_expirable.rb
@@ -13,7 +13,7 @@ module PasswordExpirable
 
       # is an password change required?
       def need_change_password?
-        if self.expire_password_after.is_a? Fixnum or self.expire_password_after.is_a? Float
+        if expired_password_after_numeric?
           self.password_changed_at.nil? or self.password_changed_at < self.expire_password_after.seconds.ago
         else
           false
@@ -22,7 +22,7 @@ def need_change_password?
 
       # set a fake datetime so a password change is needed and save the record
       def need_change_password!
-        if self.expire_password_after.is_a? Fixnum or self.expire_password_after.is_a? Float
+        if expired_password_after_numeric?
           need_change_password
           self.save(:validate => false)
         end
@@ -30,7 +30,7 @@ def need_change_password!
 
       # set a fake datetime so a password change is needed
       def need_change_password
-        if self.expire_password_after.is_a? Fixnum or self.expire_password_after.is_a? Float
+        if expired_password_after_numeric?
           self.password_changed_at = self.expire_password_after.seconds.ago
         end
 
@@ -39,7 +39,7 @@ def need_change_password
 
         self.password_changed_at
       end
-      
+
       def expire_password_after
         self.class.expire_password_after
       end
@@ -51,6 +51,12 @@ def update_password_changed
           self.password_changed_at = Time.now if (self.new_record? or self.encrypted_password_changed?) and not self.password_changed_at_changed?
         end
 
+        def expired_password_after_numeric?
+          return @_numeric if defined?(@_numeric)
+          @_numeric ||= self.expire_password_after.is_a?(1.class) ||
+            self.expire_password_after.is_a?(Float)
+        end
+
       module ClassMethods
         ::Devise::Models.config(self, :expire_password_after)
       end
diff --git a/test/test_paranoid_verification.rb b/test/test_paranoid_verification.rb
index 1bc19921..8978effe 100644
--- a/test/test_paranoid_verification.rb
+++ b/test/test_paranoid_verification.rb
@@ -61,7 +61,7 @@ class TestParanoidVerification < ActiveSupport::TestCase
   test 'when code not match upon verification code, should not set paranoid_verified_at' do
     user = User.new(paranoid_verification_code: 'abcde')
     user.verify_code('wrong')
-    assert_equal(nil, user.paranoid_verified_at)
+    assert_nil(user.paranoid_verified_at)
   end
 
   test 'when code not match upon verification code too many attempts should generate new code' do