diff --git a/fastapi/security/oauth2.py b/fastapi/security/oauth2.py
index 661043ce7b..4589c6783c 100644
--- a/fastapi/security/oauth2.py
+++ b/fastapi/security/oauth2.py
@@ -143,7 +143,7 @@ class OAuth2PasswordRequestForm:
             Form(json_schema_extra={"format": "password"}),
             Doc(
                 """
-                If there's a `client_password` (and a `client_id`), they can be sent
+                If there's a `client_secret` (and a `client_id`), they can be sent
                 as part of the form fields. But the OAuth2 specification recommends
                 sending the `client_id` and `client_secret` (if any) using HTTP Basic
                 auth.
@@ -309,7 +309,7 @@ class OAuth2PasswordRequestFormStrict(OAuth2PasswordRequestForm):
             Form(),
             Doc(
                 """
-                If there's a `client_password` (and a `client_id`), they can be sent
+                If there's a `client_secret` (and a `client_id`), they can be sent
                 as part of the form fields. But the OAuth2 specification recommends
                 sending the `client_id` and `client_secret` (if any) using HTTP Basic
                 auth.