diff --git a/en_US.ISO8859-1/books/handbook/security/chapter.sgml b/en_US.ISO8859-1/books/handbook/security/chapter.sgml
index 6ddcf36854..be269d73ae 100644
--- a/en_US.ISO8859-1/books/handbook/security/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/security/chapter.sgml
@@ -1063,8 +1063,8 @@
       Kerberos password; we will call this a <quote>Unix password</quote>.
       The second sort is the one-time password which is generated by the
       S/Key <command>key</command> program or the OPIE
-      <command>opiekey</command> program and accepted by the
-      <command>keyinit</command> or <command>opiepasswd</command> programs
+      &man.opiekey.1; program and accepted by the
+      <command>keyinit</command> or &man.opiepasswd.1; programs
       and the login prompt; we will
       call this a <quote>one-time password</quote>.  The final sort of
       password is the secret password which you give to the
@@ -1077,7 +1077,7 @@
 
     <para>The secret password does not have anything to do with your Unix
       password; they can be the same but this is not recommended.  S/Key
-      and OPIE passwords are not limited to 8 characters like Unix
+      and OPIE secret passwords are not limited to 8 characters like Unix
       passwords, they can be as long as you like.  Passwords of six or
       seven word long phrases are fairly common.  For the most part, the
       S/Key or OPIE system operates completely independently of the Unix