Merge branch 'master' of github.com:jmillerv/gophrase

jmillerv · Jul 8, 2020 · 5a63488 · 5a63488
2 parents 6055c4b + 0f1f33f
commit 5a63488
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 16 deletions.
diff --git a/EMBEDDED LICENSES b/EMBEDDED LICENSES
diff --git a/README.md b/README.md
@@ -1,5 +1,5 @@
 # gophrase
-CLI passphrase generator written in Go
+CLI diceware passphrase generator written in Go
 
 ### About Diceware Passwords
 [Diceware](https://en.wikipedia.org/wiki/Diceware) is a method that allows anyone to use ordinary dice to generate an easy to remember passphrase
@@ -57,7 +57,7 @@ https://theworld.com/~reinhold/diceware.html
 https://www.pleacher.com/mp/mlessons/algebra/entropy.html
 
 ### Usage in Production Environments
-This is the use at your own risk warning. As this program uses the math/rand package and not the crypto/rand package, I would avoid production environments because of the possibility of being subject to a time attack. That being said, security is all about threat models, and most users who need a quick simple password aren't being actively targeted on their machines. 
+This is the use at your own risk warning. As this program uses the math/rand package and not the crypto/rand package, I would avoid production environments because of the possibility of being subject to a [timing attack](https://en.wikipedia.org/wiki/Timing_attack). That being said, security is all about threat models, and most users who need a quick simple password aren't being actively targeted on their machines. 
 
 Replacing the math/rand with crypto/rand isn't out of the picture, it's just not a priority at the moment.