diff --git a/WordPress-Security-Tips.md b/WordPress-Security-Tips.md index bc205cd..b07765e 100644 --- a/WordPress-Security-Tips.md +++ b/WordPress-Security-Tips.md @@ -40,9 +40,9 @@ Every time WordPress is installed or updated a file called readme.html is includ WordPress and plugin authors are constantly fixing bugs and security issues within their code and releasing new versions. At the time of writing only [21.5%](http://wordpress.org/about/stats/) of WordPress blogs are running the latest version. -11. Login over HTTPS. +11. Administration over SSL. -The wp-login.php file is often accessed over un-encrypted channels such as HTTP. By ensuring the connection is encrypted when you submit your login credentials you reduce the risk of Man In The Middle (MITM) attacks. +The wp-login.php file is often accessed over un-encrypted channels such as HTTP. By ensuring the connection is encrypted when you submit your login credentials you reduce the risk of Man In The Middle (MITM) attacks. For further information see: [http://codex.wordpress.org/Administration_Over_SSL](http://codex.wordpress.org/Administration_Over_SSL) 12. Use unprivileged database user for non-admin functionality. (needs some WP modification)
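Review bot: In the item 11 hunk, the new heading "Administration over SSL" promises more than the paragraph under it delivers: the text still covers only wp-login.php and the moment "when you submit your login credentials", so a reader is not told that the rest of the admin session needs the encrypted channel too. Either extend the paragraph to say that the whole administration area, not just the login form, should be served over the encrypted connection, or keep the original "Login over HTTPS" heading. The added reference is also linked over plain http://, which sits awkwardly in a tip about avoiding un-encrypted channels; use an https:// link if the codex serves one. Minor: the heading switches from "HTTPS" to "SSL" while the body keeps talking about HTTP, so consider keeping the terminology consistent.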