Small fixes

1 files changed, 5 insertions, 6 deletions

diff --git a/docs/hazmat/primitives/twofactor.rst b/docs/hazmat/primitives/twofactor.rst
index 12277c8f..120beb06 100644
--- a/docs/hazmat/primitives/twofactor.rst
+++ b/docs/hazmat/primitives/twofactor.rst
@@ -105,8 +105,9 @@ This can be accomplished with something similar to the following code.
 
     TOTP objects take a ``key``, ``length``, ``algorithm`` and ``time_step``
     parameter. The ``key`` should be randomly generated bytes and is recommended
-    to be 160 bits in length. The ``length`` parameter controls the length of the
-    generated one time password and must be >= 6 and <= 8.
+    to be as long as your hash function's output (e.g 256-bit for SHA256).
+    The ``length`` parameter controls the length of the generated one time
+    password and must be >= 6 and <= 8.
 
     This is an implementation of :rfc:`6238`.
 
@@ -123,8 +124,8 @@ This can be accomplished with something similar to the following code.
         >>> totp.verify(b"94287082", 59)
 
     :param bytes key: Secret key as ``bytes``. This value must be generated in a
-                      cryptographically secure fashion and be at least 128 bits.
-                      It is recommended that the key be 160 bits.
+                      cryptographically secure fashion and be as long as your hash
+                      function's output (e.g 256-bit for SHA256).
     :param int length: Length of generated one time password as ``int``.
     :param algorithm: A
         :class:`~cryptography.hazmat.primitives.hashes`
@@ -137,5 +138,3 @@ This can be accomplished with something similar to the following code.
                         or if the ``length`` parameter is not between 6 to 8.
     :raises UnsupportedAlgorithm: This is raised if the provided ``algorithm`` is not
                                   ``SHA1()``, ``SHA256()`` or ``SHA512()``.
-
-