diff --git a/windows/access-protection/hello-for-business/hello-features.md b/windows/access-protection/hello-for-business/hello-features.md
index 2e4ae4c446..af73b147d6 100644
--- a/windows/access-protection/hello-for-business/hello-features.md
+++ b/windows/access-protection/hello-for-business/hello-features.md
@@ -19,7 +19,7 @@ Consider these additional features you can use after your organization deploys W
 * [Conditional access](#conditional-access)
 * [Dynamic lock](#dynamic-lock)
 * [PIN reset](#PIN-reset)
-* [Privileged workstation](#Priveleged-workstation)
+* [Privileged credentials](#Priveleged-crednetials)
 * [Mulitfactor Unlock](#Multifactor-unlock)
 
 
@@ -142,14 +142,14 @@ On-premises deployments provide users with the ability to reset forgotton PINs e
 >[!NOTE]
 > Visit the [Frequently Asked Questions](https://docs.microsoft.com/en-us/windows/access-protection/hello-for-business/hello-identity-verification#frequently-asked-questions) section of the Windows Hello for Business page and watch the **What happens when the user forgets their PIN?** video.
 
-## Privileged Workstation
+## Privileged Credentials
 
 **Requirements**
 * Hybrid and On-premises Windows Hello for Business deployments
 * Domain Joined or Hybird Azure joined devices
 * Windows 10, version 1709
 
-The privileged workstation scenario enables administrators to perform elevated, admistrative funcions by enrolling both their non-privileged and privileged credentials on their device.
+The privileged credentials scenario enables administrators to perform elevated, admistrative funcions by enrolling both their non-privileged and privileged credentials on their device.
 
 By design, Windows 10 does not enumerate all Windows Hello for Business users from within a user's session.  Using the computer Group Policy setting, Allow enumeration of emulated smartd card for all users, you can configure a device to all this enumeration on selected devices.  
 
diff --git a/windows/access-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md b/windows/access-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md
index 0bd7c0a3b1..552c519832 100644
--- a/windows/access-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md
+++ b/windows/access-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md
@@ -81,7 +81,7 @@ Organizations using older directory synchronization technology, such as DirSync
 <br>
 
 ## Federation with Azure ##
-You can deploy Windows Hello for Business key trust in non-federated and federated environments.  For non-federated envionments, key trust deployments work in environments that have deployed [Password Syncrhonization with Azure AD Connect](https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnectsync-implement-password-synchronization) and [Azure Active Directory Pass-through-Authentication](https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-pass-through-authentication).  For federated envirnonments, you can deploy Windows Hello for Business key trust using Active Directory Federation Services (AD FS) 2012 R2 or later. 
+You can deploy Windows Hello for Business key trust in non-federated and federated environments.  For non-federated environments, key trust deployments work in environments that have deployed [Password Synchronization with Azure AD Connect](https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnectsync-implement-password-synchronization) and [Azure Active Directory Pass-through-Authentication](https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-pass-through-authentication).  For federated environments, you can deploy Windows Hello for Business key trust using Active Directory Federation Services (AD FS) 2012 R2 or later. 
 
 ### Section Review ###
 > [!div class="checklist"]
@@ -91,7 +91,7 @@ You can deploy Windows Hello for Business key trust in non-federated and federat
 <br>
 
 ## Multifactor Authentication ##
-Windows Hello for Business is a strong, two-factor credential the helps organizations reduce their dependency on passwords.  The provisioning process lets a user enroll in Windows Hello for Business using their username and password as one factor. but needs a second factor of authentication.
+Windows Hello for Business is a strong, two-factor credential the helps organizations reduce their dependency on passwords.  The provisioning process lets a user enroll in Windows Hello for Business using their username and password as one factor, but needs a second factor of authentication.
 
 Hybrid Windows Hello for Business deployments can use Azure’s Multifactor Authentication service or they can use multifactor authentication provides by Windows Server 2012 R2 or later Active Directory Federation Services, which includes an adapter model that enables third parties to integrate their multifactor authentication into AD FS.
 
diff --git a/windows/access-protection/hello-for-business/toc.md b/windows/access-protection/hello-for-business/toc.md
index 5a8d5dd5c3..81267549c1 100644
--- a/windows/access-protection/hello-for-business/toc.md
+++ b/windows/access-protection/hello-for-business/toc.md
@@ -43,4 +43,4 @@
 ##### [Configure or Deploy Multifactor Authentication Services](hello-cert-trust-deploy-mfa.md)
 #### [Configure Windows Hello for Business Policy settings](hello-cert-trust-policy-settings.md)
 
-## [Windows Hello for Businesss Feature](hello-features.md)
\ No newline at end of file
+## [Windows Hello for Business Features](hello-features.md)
\ No newline at end of file