From 3810c7e28e5f8b178db7bb91746555922ef9d6ac Mon Sep 17 00:00:00 2001
From: mfwmyfacewhen <94880365+mfwmyfacewhen@users.noreply.github.com>
Date: Fri, 13 May 2022 13:28:28 -0500
Subject: [PATCH] Fix typo in MFA guide (#1218)

---
 docs/security/multi-factor-authentication.en.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/security/multi-factor-authentication.en.md b/docs/security/multi-factor-authentication.en.md
index 982b4aae..4867be6f 100644
--- a/docs/security/multi-factor-authentication.en.md
+++ b/docs/security/multi-factor-authentication.en.md
@@ -24,7 +24,7 @@ The security of push notification MFA is dependent on both the quality of the ap
 
 ### Time-based One-time Password (TOTP)
 
-TOTP is one of the most commons form of MFA available. When you set up TOTP you are generally required to scan a [QR Code](https://en.wikipedia.org/wiki/QR_code) which establishes a "[shared secret](https://en.wikipedia.org/wiki/Shared_secret)" with the service that you intend to use. The shared secret is secured inside of the authenticator app's data, and is sometimes protected by a password.
+TOTP is one of the most common forms of MFA available. When you set up TOTP you are generally required to scan a [QR Code](https://en.wikipedia.org/wiki/QR_code) which establishes a "[shared secret](https://en.wikipedia.org/wiki/Shared_secret)" with the service that you intend to use. The shared secret is secured inside of the authenticator app's data, and is sometimes protected by a password.
 
 The time-limited code is then derived from the shared secret and the current time. As the code is only valid for a short time, without access to the shared secret an adversary cannot generate new codes.