diff --git a/app/models/concerns/token_authenticatable_strategies/base.rb b/app/models/concerns/token_authenticatable_strategies/base.rb
index c2c644558c03acd0d5a382412cdfc8f19efcebfe..23ee34962c79383ab017ca80e67375054b467ef3 100644
--- a/app/models/concerns/token_authenticatable_strategies/base.rb
+++ b/app/models/concerns/token_authenticatable_strategies/base.rb
@@ -48,6 +48,10 @@ module TokenAuthenticatableStrategies
     end
 
     def self.fabricate(instance, field, options)
+      if options[:digest] && options[:encrypted]
+        raise ArgumentError, 'Incompatible options set!'
+      end
+
       if options[:digest]
         TokenAuthenticatableStrategies::Digest.new(instance, field, options)
       elsif options[:encrypted]
diff --git a/spec/models/concerns/token_authenticatable_strategies/base_spec.rb b/spec/models/concerns/token_authenticatable_strategies/base_spec.rb
index acf5c656ea99cff3604d71dae82e961d7e35c46e..6605f1f5a5f09758a89b37fe25258da2271343e1 100644
--- a/spec/models/concerns/token_authenticatable_strategies/base_spec.rb
+++ b/spec/models/concerns/token_authenticatable_strategies/base_spec.rb
@@ -28,6 +28,13 @@ describe TokenAuthenticatableStrategies::Base do
         expect(strategy).to be_a TokenAuthenticatableStrategies::Insecure
       end
     end
+
+    context 'when incompatible options are provided' do
+      it 'raises an error' do
+        expect { described_class.fabricate(instance, field, digest: true, encrypted: true) }
+          .to raise_error ArgumentError
+      end
+    end
   end
 
   describe '#fallback?' do