Update README with timing attack link

jmillerv · Jun 30, 2020 · 0f1f33f · 0f1f33f
1 parent 373d13b
commit 0f1f33f
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/README.md b/README.md
@@ -57,7 +57,7 @@ https://theworld.com/~reinhold/diceware.html
 https://www.pleacher.com/mp/mlessons/algebra/entropy.html
 
 ### Usage in Production Environments
-This is the use at your own risk warning. As this program uses the math/rand package and not the crypto/rand package, I would avoid production environments because of the possibility of being subject to a time attack. That being said, security is all about threat models, and most users who need a quick simple password aren't being actively targeted on their machines. 
+This is the use at your own risk warning. As this program uses the math/rand package and not the crypto/rand package, I would avoid production environments because of the possibility of being subject to a [timing attack](https://en.wikipedia.org/wiki/Timing_attack). That being said, security is all about threat models, and most users who need a quick simple password aren't being actively targeted on their machines. 
 
 Replacing the math/rand with crypto/rand isn't out of the picture, it's just not a priority at the moment.