changed instructions

Global/pwdform.skin

@@ -4,13 +4,16 @@
 <tr>
 <td width="500" align="left" valign="top" bgcolor="#ffffff">
 
-<big>Choose username and password for helma's manager:</big><br>
+<big>Username and password for helma's manager:</big><br>
 
-Please choose an username and password combination to access the
+<p>Please choose an username and password combination to access the
-manage application of this server. They will be saved md5-encoded
+manage application of this server. They will be appended md5-encoded
-to the server.properties file. Later you can change these settings
+to the server.properties file. You can change the settings manually
-either manually by editing the server.properties file or through
+by editing the server.properties file or through this webinterface
-this webinterface in manage/makekey
+in manage/makekey (from localhost only!).</p>
+<p>This is a stupid script and doesn't check wheter these properties
+are already set in this file. So if you've already set username and
+password you need to delete the old values manually.</p>
 
 <font color="red"><% param.msg %></font>
 <form method="post">
@@ -20,9 +23,9 @@ this webinterface in manage/makekey
 <input class="formEl" type="submit" value="save to server.properties"><br>
 </form>
 
-Username and password are transmitted in an unsafe cleartext way.
+<p><b>Warning:</b> The used http-authorization transmits username and password
-Therefore you're strongly discouraged to use any given combination
+in an unsafe cleartext way. Therefore you're strongly discouraged to
-that is normally protected through ssh.
+use any given combination that is normally protected through SSH.</p>
 
 </td></tr>
 </table>