diff --git a/docs/authors.txt b/docs/authors.txt
index 4550ac7f1e..07e331f321 100644
--- a/docs/authors.txt
+++ b/docs/authors.txt
@@ -6,3 +6,4 @@
 .. _Mike Wasson: https://github.com/mikewasson
 .. _Erik Reitan: https://github.com/Erikre
 .. _Pranav Rastogi: https://github.com/rustd
+.. _Eilon Lipton: https://github.com/Eilon
\ No newline at end of file
diff --git a/docs/security/safe-storage-app-secrets.rst b/docs/security/safe-storage-app-secrets.rst
new file mode 100644
index 0000000000..5643d7dbf1
--- /dev/null
+++ b/docs/security/safe-storage-app-secrets.rst
@@ -0,0 +1,28 @@
+Safe Storage of Application Secrets
+===================================
+
+By `Rick Anderson`_ and `Eilon Lipton`_
+
+This tutorial shows how your application can securely store and access secrets. The most important point is you should never store passwords or other sensitive data in source code, and you shouldn't use production secrets in development and test mode.
+
+In this article:
+	- `Environment variables`_
+
+Environment variables
+^^^^^^^^^^^^^^^^^^^^^
+
+`DNX <http://docs.asp.net/en/latest/dnx/overview.html>`_ reads environment variables, and if a key is found in a configuration file and the environment, the environment value takes precedence over the configuration file. The following code, taken from the *Startup.cs* file of a new ASP.NET MVC 6 web app, shows how to set up 
+
+dnvm use default <-- necessary
+For VS15 RC, you must edit C:\Users\<username>\.dnx\bin\packages\SecretManager\1.0.0-beta4\app\project.json and remove the "-10173" version from line containing  
+
+``"SecretManager": "1.0.0-beta4-10173" ``
+
+The completed markup is shown below:
+
+{
+  "version": "1.0.0-*",
+  "description": "ASP.NET 5 tool to manage user secrets.",
+  "dependencies": {
+    "SecretManager": "1.0.0-beta4"
+  },
\ No newline at end of file