diff --git a/README.md b/README.md
index 6dc366b..0e4bf75 100644
--- a/README.md
+++ b/README.md
@@ -8,6 +8,7 @@ A modern web-based RSS feed reader built with Rust and Rocket. Features a clean,
 - Organize feeds with categories
 - Multi-user support with admin capabilities
 
+
 ## Installation
 
 ### Using Nix
@@ -33,6 +34,15 @@ This project is packaged with Nix flakes. To install and run it:
    nix run git+https://code.everydayimshuflin.com/greg/rss-reader -- --demo
    ```
 
+The application requires a `SECRET_KEY` environment variable to be set in order
+to run. This key is used for encrypting cookies and other security-related
+functionality. This is the same secret key described in [Rocket's
+documentation](https://rocket.rs/guide/v0.5/configuration/#secret-key).
+
+You can generate a suitable secret key using OpenSSL:
+```bash
+export SECRET_KEY=$(openssl rand -base64 32)
+```
 ### Development
 
 To set up a development environment:
@@ -43,12 +53,17 @@ To set up a development environment:
    cd rss-reader
    ```
 
-2. Enter the development shell:
+2. Generate a secret key and set it in your environment:
+   ```bash
+   export SECRET_KEY=$(openssl rand -base64 32)
+   ```
+
+3. Enter the development shell:
    ```bash
    nix develop
    ```
 
-3. Run the application:
+4. Build and run the application from source:
    ```bash
    # Run with a persistent database
    cargo run -- -d rss-reader.db
@@ -59,10 +74,24 @@ To set up a development environment:
 
 The application will be available at `http://localhost:8000`. 
 
+### Running in Production
+
+For production deployments, make sure to:
+1. Generate a strong secret key:
+   ```bash
+   openssl rand -base64 32
+   ```
+2. Set it permanently in your environment or service configuration:
+   ```bash
+   export SECRET_KEY="your-generated-key"
+   ```
+3. Keep this key consistent across application restarts to maintain user sessions
+4. Never share or commit this key to version control
+
 ### Demo Mode
 
 When running in demo mode (using the `--demo` flag), the application will:
 - Use an in-memory SQLite database that is cleared when the application stops
 - Create two pre-configured users:
   - Admin user: username `admin`, password `admin`
-  - Regular user: username `demo`, password `demo` 
\ No newline at end of file
+  - Regular user: username `demo`, password `demo`