The security component must be installed to use csrf_token()

security/csrf_in_login_form.rst

@@ -16,8 +16,13 @@ for CSRF. In this article you'll learn how you can use it in your login form.
 Configuring CSRF Protection
 ---------------------------
 
-First, make sure that the CSRF protection is enabled in the main configuration
-file:
+First, install the Security component in your project:
+
+.. code-block:: terminal
+
+    $ composer require security
+
+Then, enable the CSRF protection in the framework configuration file:
 
 .. configuration-block::
 
@@ -52,8 +57,8 @@ file:
             'csrf_protection' => null,
         ));
 
-Then, the security component needs a CSRF token provider. You can set this to
-use the default provider available in the security component:
+The security component needs a CSRF token provider. You can set this to use the
+default provider available in the security component:
 
 .. configuration-block::