diff --git a/reference/constraints/NotCompromisedPassword.rst b/reference/constraints/NotCompromisedPassword.rst
index ffa9fe99d8d..1eded1463f9 100644
--- a/reference/constraints/NotCompromisedPassword.rst
+++ b/reference/constraints/NotCompromisedPassword.rst
@@ -83,7 +83,7 @@ The following constraint ensures that the ``rawPassword`` property of the
 
 In order to make the password validation, this constraint doesn't send the raw
 password value to the ``haveibeenpwned.com`` API. Instead, it follows a secure
-process known as `k-anonimity password validation`_.
+process known as `k-anonymity password validation`_.
 
 In practice, the raw password is hashed using SHA-1 and only the first bytes of
 the hash are sent. Then, the ``haveibeenpwned.com`` API compares those bytes
@@ -134,4 +134,4 @@ publicly to consider it compromised. Think carefully before setting this option
 to a higher value because it could decrease the security of your application.
 
 .. _`haveibeenpwned.com`: https://haveibeenpwned.com/
-.. _`k-anonimity password validation`: https://blog.cloudflare.com/validating-leaked-passwords-with-k-anonymity/
+.. _`k-anonymity password validation`: https://blog.cloudflare.com/validating-leaked-passwords-with-k-anonymity/