From 3eb5dfeef066730f5e209105c59538c91f290215 Mon Sep 17 00:00:00 2001 From: Mathieu Date: Sat, 5 Dec 2015 11:03:39 +0100 Subject: [PATCH 1/3] Update security.rst | Q | A | ------------- | --- | Doc fix? | yes | New docs? | no | Applies to | 2.3 <2.7 | Fixed tickets | #10575 --- book/security.rst | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/book/security.rst b/book/security.rst index 8cf0a2b4174..9ae4186caf9 100644 --- a/book/security.rst +++ b/book/security.rst @@ -577,6 +577,10 @@ like this: // ... )); +.. caution:: + + Beware this is a public tool and it should not be used with real passwords because of the risk of farming or other security issues. + Everything will now work exactly like before. But if you have dynamic users (e.g. from a database), how can you programmatically encode the password before inserting them into the database? Don't worry, see From 745f24fce5063da91e8ed203d86a14432f372076 Mon Sep 17 00:00:00 2001 From: Mathieu Date: Sat, 5 Dec 2015 12:37:26 +0100 Subject: [PATCH 2/3] Update security.rst --- book/security.rst | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/book/security.rst b/book/security.rst index 9ae4186caf9..09ac3caa575 100644 --- a/book/security.rst +++ b/book/security.rst @@ -508,8 +508,9 @@ else, you'll want to encode their passwords. The best algorithm to use is .. include:: /cookbook/security/_ircmaxwell_password-compat.rst.inc Of course, your users' passwords now need to be encoded with this exact algorithm. -For hardcoded users, you can use an `online tool`_, which will give you something -like this: +For hardcoded users, you can use an `online tool`_ (this is a public tool and it should not be used with real passwords because of the risk of farming or other possible security issues). + +It will give you something like this: .. configuration-block:: 
@@ -577,10 +578,7 @@ like this: // ... )); -.. caution:: - Beware this is a public tool and it should not be used with real passwords because of the risk of farming or other security issues. - Everything will now work exactly like before. But if you have dynamic users (e.g. from a database), how can you programmatically encode the password before inserting them into the database? Don't worry, see From cadcc58c1a1e2c6ec4330b066b2d2380c53bfb2c Mon Sep 17 00:00:00 2001 From: Mathieu Date: Sat, 5 Dec 2015 12:38:14 +0100 Subject: [PATCH 3/3] Update security.rst --- book/security.rst | 1 - 1 file changed, 1 deletion(-) diff --git a/book/security.rst b/book/security.rst index 09ac3caa575..02df56fc781 100644 --- a/book/security.rst +++ b/book/security.rst @@ -578,7 +578,6 @@ It will give you something like this: // ... )); - Everything will now work exactly like before. But if you have dynamic users (e.g. from a database), how can you programmatically encode the password before inserting them into the database? Don't worry, see
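Review bot: In patch 1/3 (hunk at -577,6 +577,10) the caution is placed after the closing `));` of the configuration block, well below the `online tool`_ sentence it warns about, so a reader meets the warning only after having followed the link. Put it directly under the sentence that introduces the tool. The wording "risk of farming" is also unclear; state the concrete risk, for example that a third-party site receives the plaintext password.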
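Review bot: In patch 2/3 (hunk at -508,8 +508,9) the added line beginning "For hardcoded users, you can use an `online tool`_ (this is a public tool ..." is a single unwrapped line, while the neighbouring lines in security.rst are wrapped at roughly 80 columns; please wrap it. Folding the warning into a parenthetical also makes it easier to miss than the `.. caution::` directive from patch 1/3. Keeping the directive, moved to just after this paragraph and before "It will give you something like this:", would read better. The text still recommends the tool without saying what to do for a real password, so a short pointer to computing the hash locally would close the gap.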
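Review bot: Patch 3/3 (hunk at -578,7 +578,6) only deletes a blank line left behind by the second hunk of patch 2/3, which in turn removes the caution that patch 1/3 added. Squash the three commits into one so the history shows a single net change, and replace the repeated subject "Update security.rst" with one that says what changed, such as noting that the online tool must not be used with real passwords.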