diff --git a/wp-login.php b/wp-login.php
index 324b28c88..19f49d469 100644
--- a/wp-login.php
+++ b/wp-login.php
@@ -477,7 +477,7 @@ default:
 		$redirect_to = admin_url();
 	}
 
-	// If the user was redirect to a secure login form from a non-secure admin page, and secure login is required but secure admin is not, then don't use a secure
+	// If the user was redirected to a secure login form from a non-secure admin page, and secure login is required but secure admin is not, then don't use a secure
 	// cookie and redirect back to the referring non-secure admin page.  This allows logins to always be POSTed over SSL while allowing the user to choose visiting
 	// the admin via http or https.
 	if ( !$secure_cookie && is_ssl() && force_ssl_login() && !force_ssl_admin() && ( 0 !== strpos($redirect_to, 'https') ) && ( 0 === strpos($redirect_to, 'http') ) )