From 0f1f33faaeafa2c1052263c3e4a49d5111b2b991 Mon Sep 17 00:00:00 2001
From: jmillerv <50455719+jmillerv@users.noreply.github.com>
Date: Tue, 30 Jun 2020 16:36:08 -0600
Subject: [PATCH] Update README with timing attack link

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 3053266..1f221fb 100644
--- a/README.md
+++ b/README.md
@@ -57,7 +57,7 @@ https://theworld.com/~reinhold/diceware.html
 https://www.pleacher.com/mp/mlessons/algebra/entropy.html
 
 ### Usage in Production Environments
-This is the use at your own risk warning. As this program uses the math/rand package and not the crypto/rand package, I would avoid production environments because of the possibility of being subject to a time attack. That being said, security is all about threat models, and most users who need a quick simple password aren't being actively targeted on their machines. 
+This is the use at your own risk warning. As this program uses the math/rand package and not the crypto/rand package, I would avoid production environments because of the possibility of being subject to a [timing attack](https://en.wikipedia.org/wiki/Timing_attack). That being said, security is all about threat models, and most users who need a quick simple password aren't being actively targeted on their machines. 
 
 Replacing the math/rand with crypto/rand isn't out of the picture, it's just not a priority at the moment.