diff --git a/lib/passwordstate/client.rb b/lib/passwordstate/client.rb
index 959862de3b3475dec76d45ebc26b8c567670b2f8..5a99e45ae658b0924f70a395daf58b1ee6b11310 100644
--- a/lib/passwordstate/client.rb
+++ b/lib/passwordstate/client.rb
@@ -9,6 +9,7 @@ module Passwordstate
     }.freeze
 
     attr_accessor :server_url, :auth_data, :headers, :validate_certificate
+    attr_reader :timeout
     attr_writer :api_type
 
     def initialize(url, options = {})
@@ -17,6 +18,7 @@ module Passwordstate
       @headers = DEFAULT_HEADERS
       @auth_data = options.select { |k, _v| %i[apikey username password].include? k }
       @api_type = options.fetch(:api_type) if options.key? :api_type
+      @timeout = options.fetch(:timeout, 0)
     end
 
     def logger
@@ -27,6 +29,11 @@ module Passwordstate
       @api_type || (auth_data.key?(:apikey) ? :api : :winapi)
     end
 
+    def timeout=(sec)
+      @timeout = sec
+      @http.read_timeout = sec if @http
+    end
+
     def folders
       ResourceList.new self, Passwordstate::Resources::Folder,
                        only: %i[all search post]
@@ -115,6 +122,7 @@ module Passwordstate
       @http ||= Net::HTTP.new server_url.host, server_url.port
       return @http if @http.active?
 
+      @http.read_timeout = @timeout if @timeout
       @http.use_ssl = server_url.scheme == 'https'
       @http.verify_mode = validate_certificate ? ::OpenSSL::SSL::VERIFY_NONE : nil
       @http.start