diff --git a/README.md b/README.md index 8e9eb08..09ca085 100644 --- a/README.md +++ b/README.md @@ -590,6 +590,7 @@ This would allow our TPM to unlock our encrypted drive, as long as the state has ``` $ sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 --tpm2-public-key /etc/kernel/pcr-initrd.pub.pem /dev/nvme0n1p2 ``` +**Warning**: It is recommended to use a pin to unlock the TPM, instead of allowing it to unlock automatically, for more security. ``` Additional Flags @@ -653,7 +654,7 @@ $ sudo cryptsetup token remove --token-id 1 /dev/nvme0n1p2 ``` Here we specify `token-id` as `1` based on the previous output of `luksDump`. Specify it correspondingy depending on what the token number is on your output of `luksDump`. -Now repeat the steps from [TPM enrollment](https://github.com/joelmathewthomas/archinstall-luks2-lvm2-secureboot-tpm2?tab=readme-ov-file#13-enrolling-the-tpm) to renroll to the TPM. +Now repeat the steps from [TPM enrollment](https://github.com/joelmathewthomas/archinstall-luks2-lvm2-secureboot-tpm2?tab=readme-ov-file#16-enrolling-the-tpm) to renroll to the TPM. With this, the guide has mostly covered on how to install Arch Linux, Encrypt disk with LUKS2 , use logical volumes with LVM2, how to setup Secure Boot, and how to enroll the TPM.
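Review bot: the added `**Warning**` line in the first hunk (README.md, around line 593) recommends a PIN but does not say how to set one, so a reader who copies the `systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 ...` command directly above it still ends up with an unattended unlock. Suggest naming the option in the warning itself, for example by telling the reader to add `--tpm2-with-pin=yes` to that command, or by pointing at the "Additional Flags" block that follows if it already documents it. "For more security" would also be stronger as the concrete reason: with PCR binding alone, the TPM releases the key to anyone who can boot the machine in the measured state. Minor: write "PIN" in capitals.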
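Review bot: the changed link in the second hunk (README.md, around line 657) still hard-codes the section number in the anchor, and the move from `#13-enrolling-the-tpm` to `#16-enrolling-the-tpm` shows it goes stale whenever sections are renumbered. Since the target is in the same README, a relative in-page anchor (`#16-enrolling-the-tpm`) instead of the full `https://github.com/...?tab=readme-ov-file#...` URL would at least survive forks and renames, and a grep for other `#NN-` links in the file would confirm none were missed by this renumbering. While the line is being touched, "renroll" should read "re-enroll"; the unchanged line above it also has "correspondingy".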