From 3fb0cb91a979241d403f62b1b6af35cd7385a23f Mon Sep 17 00:00:00 2001
From: Ryan Ernst <ryan@iernst.net>
Date: Tue, 9 Jan 2018 15:01:37 -0800
Subject: [PATCH] Docs: Clarify password protection support with keystore
 (#28157)

closes #27932
---
 docs/reference/setup/secure-settings.asciidoc | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/docs/reference/setup/secure-settings.asciidoc b/docs/reference/setup/secure-settings.asciidoc
index 933e649da58fd..78731f7663d11 100644
--- a/docs/reference/setup/secure-settings.asciidoc
+++ b/docs/reference/setup/secure-settings.asciidoc
@@ -3,8 +3,7 @@
 
 Some settings are sensitive, and relying on filesystem permissions to protect
 their values is not sufficient. For this use case, Elasticsearch provides a
-keystore, which may be password protected, and the `elasticsearch-keystore`
-tool to manage the settings in the keystore.
+keystore and the `elasticsearch-keystore` tool to manage the settings in the keystore.
 
 NOTE: All commands here should be run as the user which will run Elasticsearch.
 
@@ -14,6 +13,9 @@ documentation for each setting to see if it is supported as part of the keystore
 NOTE: All the modifications to the keystore take affect only after restarting
 Elasticsearch.
 
+NOTE: The elasticsearch keystore currently only provides obfuscation. In the future,
+password protection will be added.
+
 [float]
 [[creating-keystore]]
 === Creating the keystore