From a3c1154bd076d8daae0ec83eae3450cc3310cf3c Mon Sep 17 00:00:00 2001
From: Andrew Engelbrecht <andrew@engelbrecht.io>
Date: Mon, 11 Oct 2021 23:58:16 -0400
Subject: [PATCH] more comments on security model

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index f291f2d..d84b9b7 100644
--- a/README.md
+++ b/README.md
@@ -74,8 +74,8 @@ systems, and it offers the rest-server mode for interaction.
 Kaya trusts the central backup server, so it stores the restic repo password in
 plain text in each repo's data directory. That way, it doesn't have to be
 synced from the backup server after initializaing the repository, copied to
-each backup target, and quickly changed after cloning a production server (see
-below).
+each backup target, saved in your password list for recoveries, nor quickly
+changed after cloning a production server (see below).
 
 With that in mind, the file system you back up to should be encrypted with
 LUKS, and it should require a password during the boot process, or when
-- 
2.25.1