diff --git a/src/content/docs/cloudflare-one/applications/non-http/short-lived-certificates-legacy.mdx b/src/content/docs/cloudflare-one/applications/non-http/short-lived-certificates-legacy.mdx
index c1824f937a6c94..4ecb63ee444fe8 100644
--- a/src/content/docs/cloudflare-one/applications/non-http/short-lived-certificates-legacy.mdx
+++ b/src/content/docs/cloudflare-one/applications/non-http/short-lived-certificates-legacy.mdx
@@ -85,7 +85,9 @@ Match host vm.example.com exec "/usr/local/bin/cloudflared access ssh-gen --host
 
 ### Connect through a browser-based terminal
 
-End users can connect to the SSH session without any configuration by using Cloudflare's browser-based terminal. Users visit the URL of the application and Cloudflare's terminal handles the short-lived certificate flow. To enable, refer to [Browser-rendered terminal](/cloudflare-one/applications/non-http/browser-rendering/).
+End users can connect to the SSH session without any configuration by using Cloudflare's browser-based terminal. To enable, refer to [Browser-rendered terminal](/cloudflare-one/applications/non-http/browser-rendering/).
+
+By default, the browser-based terminal prompts the user for a username/password login. If you would like to use certificate based authentication, make sure you have [created a short-lived certificate](#3-generate-a-short-lived-certificate-public-key) for the specific Access application configured for browser-rendered SSH.
 
 ---