From 68d4c3fc7b0510245ac3220e9ce374fc131511dc Mon Sep 17 00:00:00 2001
From: Samuel Dion-Girardeau <samuel.diongirardeau@gmail.com>
Date: Mon, 15 May 2017 21:34:13 -0400
Subject: [PATCH] Document security features in the README

---
 README.rst | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/README.rst b/README.rst
index 0d3b709..1cb98aa 100644
--- a/README.rst
+++ b/README.rst
@@ -36,6 +36,17 @@ Anyway, this took us very little time to write, but we figure we'd save you the
 trouble of writing it yourself, because maybe you are busy and have other things
 to do.  Enjoy.
 
+Security
+~~~~~~~~
+
+Passwords are encrypted using `Fernet`_ symmetric encryption, from the `cryptography`_ library.
+A random unique key is generated for each password, and is never stored;
+it is rather sent as part of the password link.
+This means that even if someone has access to the Redis store, the passwords are still safe.
+
+.. _Fernet: https://cryptography.io/en/latest/fernet/
+.. _cryptography: https://cryptography.io/en/latest/
+
 Requirements
 ------------