diff --git a/cookbook/security/remember_me.rst b/cookbook/security/remember_me.rst
index aea7eddcf53..43f38620ced 100644
--- a/cookbook/security/remember_me.rst
+++ b/cookbook/security/remember_me.rst
@@ -84,7 +84,8 @@ The ``remember_me`` firewall defines the following configuration options:
 
 ``secret`` (**required**)
     .. versionadded:: 2.8
-        Prior to Symfony 2.8, the ``secret`` option was named ``key``.
+        The ``secret`` option was introduced in Symfony 2.8. Prior to 2.8, it
+        was named ``key``.
 
     The value used to encrypt the cookie's content. It's common to use the
     ``secret`` value defined in the ``app/config/parameters.yml`` file.
diff --git a/reference/configuration/security.rst b/reference/configuration/security.rst
index 907a85246ef..7ebc489b2eb 100644
--- a/reference/configuration/security.rst
+++ b/reference/configuration/security.rst
@@ -180,7 +180,7 @@ Each part will be explained in the next section.
 
                     remember_me:
                         token_provider: name
-                        secret: someS3cretKey
+                        secret: "%secret%"
                         name: NameOfTheCookie
                         lifetime: 3600 # in seconds
                         path: /foo
@@ -227,7 +227,7 @@ Each part will be explained in the next section.
                                 domain:               ~
                         handlers:             []
                     anonymous:
-                        secret:               4f954a0667e01
+                        secret:               "%secret%"
                     switch_user:
                         provider:             ~
                         parameter:            _switch_user
@@ -246,6 +246,10 @@ Each part will be explained in the next section.
                 ROLE_ADMIN:      [ROLE_ORGANIZER, ROLE_USER]
                 ROLE_SUPERADMIN: [ROLE_ADMIN]
 
+.. versionadded:: 2.8
+    The ``secret`` option of ``anonymous`` and ``remember_me`` was introduced
+    in Symfony 2.8. Prior to 2.8, it was called ``key``.
+
 .. _reference-security-firewall-form-login:
 
 Form Login Configuration
@@ -479,7 +483,7 @@ multiple firewalls, the "context" could actually be shared:
 HTTP-Digest Authentication
 --------------------------
 
-To use HTTP-Digest authentication you need to provide a realm and a key:
+To use HTTP-Digest authentication you need to provide a realm and a secret:
 
 .. configuration-block::
 
@@ -490,7 +494,7 @@ To use HTTP-Digest authentication you need to provide a realm and a key:
             firewalls:
                 somename:
                     http_digest:
-                        key: "a_random_string"
+                        secret: "%secret%"
                         realm: "secure-api"
 
     .. code-block:: xml
@@ -498,7 +502,7 @@ To use HTTP-Digest authentication you need to provide a realm and a key:
         <!-- app/config/security.xml -->
         <security:config>
             <firewall name="somename">
-                <http-digest key="a_random_string" realm="secure-api" />
+                <http-digest secret="%secret%" realm="secure-api" />
             </firewall>
         </security:config>
 
@@ -509,12 +513,16 @@ To use HTTP-Digest authentication you need to provide a realm and a key:
             'firewalls' => array(
                 'somename' => array(
                     'http_digest' => array(
-                        'key'   => 'a_random_string',
-                        'realm' => 'secure-api',
+                        'secret' => '%secret%',
+                        'realm'  => 'secure-api',
                     ),
                 ),
             ),
         ));
 
+.. versionadded:: 2.8
+    The ``secret`` option was introduced in Symfony 2.8. Prior to 2.8, it was
+    called ``key``.
+
 .. _`PBKDF2`: https://en.wikipedia.org/wiki/PBKDF2
 .. _`ircmaxell/password-compat`: https://packagist.org/packages/ircmaxell/password-compat