-OPAQUE is an implementation of a PAKE (Passwor-Authenticated Key Exchange) protocol. This allows for authentication of a user without requiring the password credentials to be stored on the server. To generate the server credentials:
+OPAQUE is an implementation of a PAKE (Password-Authenticated Key Exchange) protocol. This allows for the authentication of a user without the server ever possessing the underlying password. To generate the server credentials:
```
-docker run -v comm-identity-secrets:/home/comm/app/identity/secrets identity keygen
+cd services/identity
+mkdir secrets/
+docker run -v $(pwd)/secrets:/home/comm/app/identity/secrets commapp/identity-server:<tag> identity keygen
```
-**NOTE:** This OPAQUE keypair is used to encrypt the password credentials of all users. The contents of this file should be persisted in a safe manner beyond a Docker volume.
+**NOTE:** This OPAQUE keypair is used to encrypt the password credentials of all users. The contents of this file should be persisted safely.