From c7523268bea70e6dd531b6e58962d5701844eb63 Mon Sep 17 00:00:00 2001
From: Laura <milanbartky@gmail.com>
Date: Sat, 16 Aug 2025 17:23:55 +0200
Subject: [PATCH] tweak

---
 README.md | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/README.md b/README.md
index a547554..f9b491f 100644
--- a/README.md
+++ b/README.md
@@ -133,7 +133,7 @@ go build -o whiskr
 
 ## Authentication (optional)
 
-whiskr supports simple, stateless authentication. If enabled, users must log in with a username and password before accessing the chat. Passwords are hashed using bcrypt (12 rounds).
+whiskr supports simple, stateless authentication. If enabled, users must log in with a username and password before accessing the chat. Passwords are hashed using bcrypt (12 rounds). If `authentication.enabled` is set to `false`, whiskr will not prompt for authentication at all.
 
 ```yaml
 authentication:
@@ -147,10 +147,6 @@ authentication:
 
 After a successful login, whiskr issues a signed (HMAC-SHA256) token, using the server secret (`tokens.secret` in `config.yml`). This is stored as a cookie and re-used for future authentications.
 
-### 5. Disabling authentication
-
-Set `authentication.enabled: false` in `config.yml` to allow open access.
-
 ## Usage
 
 - Send a message with `Ctrl+Enter` or the send button