diff --git a/src/content/docs/turnstile/get-started/server-side-validation.mdx b/src/content/docs/turnstile/get-started/server-side-validation.mdx
index 5c5d4d5256486db..68b2a6c7d0b362d 100644
--- a/src/content/docs/turnstile/get-started/server-side-validation.mdx
+++ b/src/content/docs/turnstile/get-started/server-side-validation.mdx
@@ -290,9 +290,9 @@ A validation error is indicated by having the `success` property set to `false`.
 | <div style="width:200px">Error code</div> | Description                                                                                                                                                                 |
 | ----------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | `missing-input-secret`                    | The secret parameter was not passed.                                                                                                                                        |
-| `invalid-input-secret`                    | The secret parameter was invalid or did not exist.                                                                                                                          |
+| `invalid-input-secret`                    | The secret parameter was invalid, did not exist, or is a [testing secret key](/turnstile/troubleshooting/testing) with a non-testing response.                              |
 | `missing-input-response`                  | The response parameter (token) was not passed.                                                                                                                              |
 | `invalid-input-response`                  | The response parameter (token) is invalid or has expired. Most of the time, this means a fake token has been used. If the error persists, contact customer support.         |
 | `bad-request`                             | The request was rejected because it was malformed.                                                                                                                          |
 | `timeout-or-duplicate`                    | The response parameter (token) has already been validated before. This means that the token was issued five minutes ago and is no longer valid, or it was already redeemed. |
-| `internal-error`                          | An internal error happened while validating the response. The request can be retried.                                                                                       |
+| `internal-error`                          | An internal error happened while validating the response. The request can be retried.                                                                                       |
\ No newline at end of file
diff --git a/src/content/docs/turnstile/troubleshooting/testing.mdx b/src/content/docs/turnstile/troubleshooting/testing.mdx
index 1863adc4c898c40..5537889f430828b 100644
--- a/src/content/docs/turnstile/troubleshooting/testing.mdx
+++ b/src/content/docs/turnstile/troubleshooting/testing.mdx
@@ -36,4 +36,6 @@ Production secret keys will reject this token. You must also use a dummy secret
 | `2x0000000000000000000000000000000AA` | Always fails                         |
 | `3x0000000000000000000000000000000AA` | Yields a "token already spent" error |
 
-Dummy secret keys should never be used in production as it will accept any response token as valid.
+Dummy secret keys will only accept the `XXXX.DUMMY.TOKEN.XXXX` dummy response token.
+
+If you pass a real response, it will fail to prevent common misconfigurations.