diff --git a/features/http-auth.xml b/features/http-auth.xml
index 4a9414ba92..ca08581023 100644
--- a/features/http-auth.xml
+++ b/features/http-auth.xml
@@ -61,7 +61,7 @@
    controls a non-authenticated URL from stealing passwords from
    authenticated URLs on the same server.</simpara>
   <simpara>
-   Both Netscape and Internet Explorer will clear the local browser
+   Both Netscape Navigator and Internet Explorer will clear the local browser
    window's authentication cache for the realm upon receiving a
    server response of 401. This can effectively "log out" a user,
    forcing them to re-enter their username and password. Some people
@@ -99,12 +99,14 @@
    standard, so you should never depend on this. Testing with Lynx
    has shown that Lynx does not clear the authentication credentials
    with a 401 server response, so pressing back and then forward
-   again will open the resource (as long as the credential
-   requirements haven't changed).</simpara>
+   again will open the resource as long as the credential
+   requirements haven't changed. The user can press the
+   '_' key to clear their authentication information, however.
+  </simpara>
   <simpara>
    Also note that this does not work using Microsoft's IIS server and
-   the CGI version of PHP due to a limitation of IIS.</simpara>
-
+   the CGI version of PHP due to a limitation of IIS.
+  </simpara>
  </chapter>
 
 <!-- Keep this comment at the end of the file