diff --git a/src/documents/blog/2016-11-03-keepass.html.md b/src/documents/blog/2016-11-03-keepass.html.md
index d2b09f6..814b297 100644
--- a/src/documents/blog/2016-11-03-keepass.html.md
+++ b/src/documents/blog/2016-11-03-keepass.html.md
@@ -20,8 +20,10 @@ While KeePass includes encryption for our password storage, we also want another
 To start, you'll want to add a .htpasswd file for the credentials to be stored in - I put mine in /etc/apache2 using the following command:
 ``` bash
 sudo htpasswd -c /etc/apache2/.htpasswd username
+sudo chown www-data:www-data /etc/apache2/.htpasswd
+sudo chmod 600 /etc/apache2/.htpasswd
 ```
-This will prompt you to enter a password, and will save it to that file. You'll want to run this as root, to have write access.
+This will prompt you to enter a password, and will save it to that file. The permissions are also then changed to allow Apache to read the file, and to prevent other users from reading it.
 
 You can then add the following to your VirtualHost configuration, to enable the authentication:
 ``` apache