diff --git a/internal/controller/oidc_controller_test.go b/internal/controller/oidc_controller_test.go
index 8c049727..b22ddc54 100644
--- a/internal/controller/oidc_controller_test.go
+++ b/internal/controller/oidc_controller_test.go
@@ -210,7 +210,7 @@ func TestOIDCController(t *testing.T) {
 
 		// --- authorize-complete ---
 		{
-			description:  "Shoud fail if oidc is disabled",
+			description:  "Should fail if oidc is disabled",
 			oidcDisabled: true,
 			run: func(t *testing.T, router *gin.Engine, recorder *httptest.ResponseRecorder) {
 				body, err := json.Marshal(AuthorizeCompleteRequest{Ticket: "some-ticket"})
diff --git a/internal/controller/user_controller_test.go b/internal/controller/user_controller_test.go
index d4cb2c0c..4f081b9b 100644
--- a/internal/controller/user_controller_test.go
+++ b/internal/controller/user_controller_test.go
@@ -290,7 +290,7 @@ func TestUserController(t *testing.T) {
 			},
 		},
 		{
-			description: "TOTP should gracefuly reject invalid json",
+			description: "TOTP should gracefully reject invalid json",
 			middlewares: []gin.HandlerFunc{},
 			run: func(t *testing.T, router *gin.Engine, recorder *httptest.ResponseRecorder) {
 				req := httptest.NewRequest("POST", "/api/user/totp", strings.NewReader(`{"code":`))