Merge branch 'master' of [email protected]:j256/two-factor-auth.git

j256 · Apr 13, 2017 · 9573f22 · 9573f22
2 parents c01bcbd + b19bdd3
commit 9573f22
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -10,9 +10,9 @@ You can use this code with the Google Authenticator mobile app or the Authy mobi
 
 ## To get this to work you:
 
-1. Use `generateBase32Secret()` to generate a secret key for a user.  For example: `"NY4A5CPJZ46LXZCP"`
+1. Use `generateBase32Secret()` to generate a secret key in base-32 format for the user.  For example: `"NY4A5CPJZ46LXZCP"`
 2. Store the secret key in the database associated with the user account.
-3. Display the QR image URL returned by `qrImageUrl(...)` to the user.  Here's a sample from GoogleAPIs:  
+3. Display the QR image URL returned by `qrImageUrl(...)` to the user.  Here's a sample which uses GoogleAPIs:  
 ![Sample QR Image](https://chart.googleapis.com/chart?chs=200x200&cht=qr&chl=200x200&chld=M|0&cht=qr&chl=otpauth://totp/[email protected]%3Fsecret%3DNY4A5CPJZ46LXZCP)
 4. User uses the image to load the secret key into his authenticator application.
 

diff --git a/src/main/java/com/j256/twofactorauth/TimeBasedOneTimePasswordUtil.java b/src/main/java/com/j256/twofactorauth/TimeBasedOneTimePasswordUtil.java
@@ -35,7 +35,7 @@
  * </p>
  * 
  * <p>
- * For more details of this magic algorithm, see: http://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm
+ * For more details about this magic algorithm, see: http://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm
  * </p>
  * 
  * @author graywatson
@@ -83,8 +83,8 @@ public static String generateBase32Secret(int length) {
 	}
 
 	/**
-	 * Validate a given secret-number using the secret base-32 string. This allows you to set a window in seconds to
-	 * account for people being close to the end of the time-step. For example, if windowSeconds is 10 then this method
+	 * Validate a given secret-number using the secret base-32 string. This allows you to set a window in milliseconds to
+	 * account for people being close to the end of the time-step. For example, if windowMillis is 10000 then this method
 	 * will check the authNumber against the generated number from 10 seconds before now through 10 seconds after now.
 	 * 
 	 * <p>