Commit 1f6241d

update based on gmourier's review
1 parent 22d8032 commit 1f6241d

1 file changed

+3
-3
lines changed

learn/security/master_api_keys.md

Lines changed: 3 additions & 3 deletions
@@ -86,14 +86,14 @@ You can access the [`/keys` route](/reference/api/keys.md) using the master key
8686

8787
Though the default API keys are usually enough to manage the security needs of most applications, this might not be the case when dealing with privacy-sensitive data. In these situations, the fine-grained control offered by the `/keys` endpoint allows you to clearly decide who can access what information and for how long.
8888

89-
The [`key`](/reference/api/keys.md#key) field is generated by hashing the master key and the [`uid`](/reference/api/keys.md#uid):
89+
The [`key`](/reference/api/keys.md#key) field is generated by hashing the master key and the [`uid`](/reference/api/keys.md#uid). As a result, `key` values are deterministic between instances sharing the same configuration. Since the `key` field depends on the master key, it is not propagated to dumps and snapshots. If a malicious user ever gets access to your dumps or snapshots, they will not have access to your instance's API keys.
90+
91+
It is, therefore, possible to determine the value of the `key` field by using the following command:
9092

9193
```bash
9294
echo -n $HYPHENATED_UUID | openssl dgst -sha256 -hmac $MASTER_KEY
9395
```
9496

95-
As a result, `key` values are deterministic between instances sharing the same configuration. Since the `key` field depends on the master key, it is not propagated to dumps and snapshots. If a malicious user ever gets access to your dumps or snapshots, they will not have access to your instance's API keys.
96-
9797
This is also useful in continuous deployment processes as you know the value of the `key` field in advance.
9898

9999
### Updating an API key
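
Review bot: In the added line 91, "therefore" now follows the sentence about dumps and snapshots instead of the statement that `key` is derived from the master key and `uid`, so the command reads as a consequence of keys being absent from dumps. Consider ending the line 89 paragraph with the determinism sentence so it directly precedes "It is, therefore, possible to determine the value of the `key` field", or drop "therefore" and state that the value can be recomputed from the master key and `uid`. While this paragraph is being reworked, the unchanged command at line 94 passes `$HYPHENATED_UUID` and `$MASTER_KEY` unquoted, and `-hmac $MASTER_KEY` places the master key in the process arguments and shell history; quoting both variables and adding a sentence on that exposure would suit a page in `learn/security`.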
