diff --git a/crypto/keys/mintkey/README.md b/crypto/keys/mintkey/README.md
index ca3d4c21cf..5180e50bd0 100644
--- a/crypto/keys/mintkey/README.md
+++ b/crypto/keys/mintkey/README.md
@@ -5,7 +5,7 @@ The present Bcrypt security parameter used is 12, which should take about a quar
 
 For some background into security parameter considerations, see [here](https://auth0.com/blog/hashing-in-action-understanding-bcrypt/) and [here](https://security.stackexchange.com/questions/3959/recommended-of-iterations-when-using-pkbdf2-sha256/3993#3993).
 
-Given our security model, where an attacker would need to already have access to a victim's computer and copy the `~/.gaiacli` directory (as opposed to e.g. web authentication), this parameter choice seems sufficient for the time being.
+Given our security model, where an attacker would need to already have access to a victim's computer and copy the `~/.gaiacli` directory (as opposed to e.g. web authentication), this parameter choice seems sufficient for the time being. Bcrypt always generates a 448-bit key, so the security in practice is determined by the length & complexity of a user's password and the time taken to generate a Bcrypt key from their password (which we can choose with the security parameter). Users would be well-advised to use difficult-to-guess passwords.
 
 Benchmarking
 ------------
@@ -13,7 +13,7 @@ Benchmarking
 To run Bcrypt benchmarks:
 
 ```bash
-go test -bench .
+go test -v --bench github.com/cosmos/cosmos-sdk/crypto/keys/mintkey
 ```
 
 On the test machine (midrange ThinkPad; i7 6600U), this results in: