diff --git a/docs/service_architecture.md b/docs/service_architecture.md
index 9d79db9ed6..88582cdf2b 100644
--- a/docs/service_architecture.md
+++ b/docs/service_architecture.md
@@ -344,7 +344,7 @@ decrypted key depends on the type and combination of keys that were compromised
 
   No other keys are needed, since the attacker can just any rotate or all of them to ones that they
   generate. With these keys, they can set up a mirror to serve malicious data - any malicious data
-  at all, given that they have acess to all the keys.
+  at all, given that they have access to all the keys.
 
 - **Decrypted Root Key + none or any combination of decrypted keys + Notary Service write-capable credentials**
 
diff --git a/trustmanager/yubikey/yubikeystore.go b/trustmanager/yubikey/yubikeystore.go
index 0d351bdeb7..a9ad7c2746 100644
--- a/trustmanager/yubikey/yubikeystore.go
+++ b/trustmanager/yubikey/yubikeystore.go
@@ -143,7 +143,7 @@ type yubikeySigner struct {
 }
 
 // NewYubiPrivateKey returns a YubiPrivateKey, which implements the data.PrivateKey
-// interface except that the private material is inacessible
+// interface except that the private material is inaccessible
 func NewYubiPrivateKey(slot []byte, pubKey data.ECDSAPublicKey,
 	passRetriever notary.PassRetriever) *YubiPrivateKey {