diff --git a/12/umbraco-forms/developer/ajaxforms.md b/12/umbraco-forms/developer/ajaxforms.md
index ba284600f53..d38386540d1 100644
--- a/12/umbraco-forms/developer/ajaxforms.md
+++ b/12/umbraco-forms/developer/ajaxforms.md
@@ -524,7 +524,7 @@ Firstly, with server-to-server integrations you will want to disable the antifor
 
 This is done by setting the `Umbraco:Forms:Security:EnableAntiForgeryTokenForFormsApi` configuration key to a value of `false`.
 
-You should then configure an API key `Umbraco:Forms:Security:FormsApiKey`.  This can be any string value, but shouldn't be easily guessable by a brute force attack.
+You should then configure an API key `Umbraco:Forms:Security:FormsApiKey`. This can be any string value, but it should be complex enough to resist being guessed by a brute force attack.
 
 With this in place any request to the Forms API will be rejected unless the configured value is provided in an HTTP header named `Api-Key`.
 
@@ -538,7 +538,7 @@ Examples demonstrating how to handle a file upload and use reCAPTCHA fields are
 
 The [Content Delivery API](https://docs.umbraco.com/umbraco-cms/v/12.latest/reference/content-delivery-api) provides headless capabilities within Umbraco by allowing you to retrieve content in JSON format.
 
-When retrieving content that contains an Umbraco Forms form picker, the output by default will consist of just the ID of the selected form:
+When retrieving content that contains an Umbraco Forms form picker, the output by default will consist of the ID of the selected form:
 
 ```json
 {
diff --git a/13/umbraco-forms/developer/ajaxforms.md b/13/umbraco-forms/developer/ajaxforms.md
index ba284600f53..35d31b96c35 100644
--- a/13/umbraco-forms/developer/ajaxforms.md
+++ b/13/umbraco-forms/developer/ajaxforms.md
@@ -524,7 +524,7 @@ Firstly, with server-to-server integrations you will want to disable the antifor
 
 This is done by setting the `Umbraco:Forms:Security:EnableAntiForgeryTokenForFormsApi` configuration key to a value of `false`.
 
-You should then configure an API key `Umbraco:Forms:Security:FormsApiKey`.  This can be any string value, but shouldn't be easily guessable by a brute force attack.
+You should then configure an API key `Umbraco:Forms:Security:FormsApiKey`.  This can be any string value, but it should be complex enough to resist being guessed by a brute force attack.
 
 With this in place any request to the Forms API will be rejected unless the configured value is provided in an HTTP header named `Api-Key`.
 
@@ -538,7 +538,7 @@ Examples demonstrating how to handle a file upload and use reCAPTCHA fields are
 
 The [Content Delivery API](https://docs.umbraco.com/umbraco-cms/v/12.latest/reference/content-delivery-api) provides headless capabilities within Umbraco by allowing you to retrieve content in JSON format.
 
-When retrieving content that contains an Umbraco Forms form picker, the output by default will consist of just the ID of the selected form:
+When retrieving content that contains an Umbraco Forms form picker, the output by default will consist of the ID of the selected form:
 
 ```json
 {