diff --git a/README.rst b/README.rst
index a6dd964191083b62432e28d0a00c3f78637744bd..5d2e761d71f283708e2dfe123d8a123b3ce7ecc7 100644
--- a/README.rst
+++ b/README.rst
@@ -43,3 +43,7 @@ TODO
 - Output log to syslog.
 - Collectd metrics.
 - TLS connection.
+- Don't set a password for the root account, it's only accessible from the
+  machine itself. Instead create an admin account, without root priviliges and
+  with mandatory SSL for connecting. Also, other roles will set mandatory SSL
+  for their connections.