diff --git a/oauth2.go b/oauth2.go
index 7234e00..a047a5f 100644
--- a/oauth2.go
+++ b/oauth2.go
@@ -117,7 +117,7 @@ func SetAuthURLParam(key, value string) AuthCodeOption {
 // that asks for permissions for the required scopes explicitly.
 //
 // State is a token to protect the user from CSRF attacks. You must
-// always provide a non-zero string and validate that it matches the
+// always provide a non-empty string and validate that it matches the
 // the state query parameter on your redirect callback.
 // See http://tools.ietf.org/html/rfc6749#section-10.12 for more info.
 //