diff --git a/python/stdlib/hmac_timing_attack.py b/python/stdlib/hmac_timing_attack.py
index b20f5c4..26c37dd 100644
--- a/python/stdlib/hmac_timing_attack.py
+++ b/python/stdlib/hmac_timing_attack.py
@@ -1,3 +1,6 @@
+# This example demostrates an insecure way of comparing a digest
+# that exposes the code to a timing attack. This is because using
+# equals operator on digest does not compare in constant time.
 import hmac
@@ -10,4 +13,5 @@
 password = b"pass"
 digest = hmac.digest(key, password, digest="sha224")
-return digest == received_digest
+if digest == received_digest:
+ print("Authentication okay")
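Review bot: The new header comment in the first hunk has a typo, `demostrates` → `demonstrates`, and its last sentence names the symptom without the mechanism. `bytes.__eq__` returns as soon as it finds a mismatching byte, so the time the comparison takes varies with the length of the matching prefix; that is what "not constant time" means here. I would reword the third comment line to `# the equals operator stops at the first differing byte, so its run time` and add a fourth, `# depends on the input; hmac.compare_digest() is the constant-time alternative.`, so the example names the correct stdlib call next to the warning.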
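Review bot: In the second hunk the replacement branch still compares with `==`, which is the insecure pattern the file's header describes, but nothing at the comparison itself tells a reader what the correct call is. Since this is an example file, I would mark the line inline: `if digest == received_digest:  # insecure on purpose; hmac.compare_digest(digest, received_digest) is the constant-time form`. `received_digest` and `key` are not defined within this hunk, so they presumably come from the lines before it; the removed module-level `return` would have been a SyntaxError, so the new `if` is an improvement regardless. The `print` line appears indented by a single space as rendered here, which is valid Python but, if real, worth normalizing to four spaces.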