diff --git a/goatherd.go b/goatherd.go
index ae33f0d45f7694b5fffb7de1736720e6167ba259..a50de5ba4c64c951d09adcb4d7d6fe1fdd460b10 100644
--- a/goatherd.go
+++ b/goatherd.go
@@ -19,7 +19,7 @@ import (
 
 var cfg struct {
     Db_url string
-    Window uint64
+    Lookahead uint64
     Debug bool
     Listen string
     Tls struct { Key, Cert string }
@@ -132,7 +132,7 @@ func transaction_failed(err error) bool {
 }
 
 // Retrieve secret and count for given username and try to find a match within
-// the window range. Update count in DB if match is found. All within a
+// the lookahead range. Update count in DB if match is found. All within a
 // transaction, retrying if it fails.
 func check_offer(db *sql.DB, remote net.Addr, name string, offer string) (ok bool, err error) {
     for {
@@ -154,8 +154,7 @@ func check_offer(db *sql.DB, remote net.Addr, name string, offer string) (ok boo
             debugf("[%v] hotp nil")
         }
 
-        // always do `cfg.Window` iterations to avoid user enumeration
-        for i = 0; i < cfg.Window; i++ {
+        for i = 0; i < cfg.Lookahead; i++ {
             debugf("[%v] checking for match (offset %v)", remote, i)
             if hotp != nil && !ok {
                 // .Check increments .Counter if successfull
@@ -244,7 +243,7 @@ func main() {
 
     // also settable in config file
     flag.StringVar(&cfg.Db_url, "db-url", ":memory:", "URL used to connect to the database.")
-    flag.Uint64Var(&cfg.Window, "window", 10, "Counter range to check for matching OTPs.")
+    flag.Uint64Var(&cfg.Lookahead, "lookahead", 10, "Counter range to check for matching OTPs.")
     flag.BoolVar(&cfg.Debug, "debug", false, "Enable debug output.")
     flag.StringVar(&cfg.Listen, "listen", "127.0.0.1:9999", "Address to listen on.")
     flag.StringVar(&cfg.Tls.Key, "tls-key", "", "Use TLS.")