diff --git a/OpenPGP-Security.md b/OpenPGP-Security.md
index 263db47..015d876 100644
--- a/OpenPGP-Security.md
+++ b/OpenPGP-Security.md
@@ -107,12 +107,13 @@ Bad examples can be found in dkg's blog post.
 
 Answer based on [dkg's blog post: "OpenPGP User ID Comments considered harmful"](https://www.debian-administration.org/users/dkg/weblog/97) (CC-BY 4.0)
 
-## Password meter on key creation
+## Password meters
 Currently, a very simple password meter is shown in the key creation wizard to encourage users to choose better passphrases to protect their keys.
 
 Studies have shown that password meters can indeed encourage the selection of better passwords:
   * ["How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation."](https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final209.pdf)
   * "Does my password go up to eleven?: the impact of password meters on password selection"
+  * https://blogs.dropbox.com/tech/2012/04/zxcvbn-realistic-password-strength-estimation/
 
 ### Relevant links
 * https://gist.github.com/coruus/68a8c65571e2b4225a69