address docs review

Author: karimhamdanali

swift/ql/src/queries/Security/CWE-259/ConstantPassword.qhelp

@@ -3,7 +3,7 @@
   "qhelp.dtd">
 <qhelp>
   <overview>
-    <p>Deriving password-based encryption keys using hard-coded passwords is insecure, because the generated key may be easily discovered. Data hashed using constant salts are vulnerable to dictionary attacks, enabling attackers to recover the original input.</p>
+    <p>Deriving password-based encryption keys using hardcoded passwords is insecure, because the generated key may be easily discovered. Data hashed using constant salts is vulnerable to dictionary attacks, enabling attackers to recover the original input.</p>
     <p>In particular, constant passwords would enable easier recovery of the key, even in the presence of a salt. If that salt is random enough, then key recovery is not as easy as just looking up a hardcoded credential in the source code.</p>
   </overview>
 
@@ -17,7 +17,7 @@
   </example>
 
   <references>
-    <li><a href="https://www.okta.com/blog/2019/03/what-are-salted-passwords-and-password-hashing/">What are Salted Passwords and Password Hashing?</a></li>
-    <li><a href="https://www.rfc-editor.org/rfc/rfc2898">Password-Based Cryptography Specification</a></li>
+    <li>Okta blog: <a href="https://www.okta.com/blog/2019/03/what-are-salted-passwords-and-password-hashing/">What are Salted Passwords and Password Hashing?</a></li>
+    <li>RFC 2898: <a href="https://www.rfc-editor.org/rfc/rfc2898">Password-Based Cryptography Specification</a>.</li>
   </references>
 </qhelp>