diff --git a/docs/usage/self-hosted-configuration.md b/docs/usage/self-hosted-configuration.md
index 096cb4a26afb95..532153353a3f95 100644
--- a/docs/usage/self-hosted-configuration.md
+++ b/docs/usage/self-hosted-configuration.md
@@ -555,12 +555,11 @@ Information provided mainly in debug log level.
 
 ## encryptedWarning
 
-By default, Renovate does _not_ warn you if it finds an encrypted secret in your config.
-But if you set an `encryptedWarning` text, then Renovate will:
-
-- print the `encryptedWarning` text in the logs
-- show the `encryptedWarning` text on your Dependency Dashboard
-- raise a warning in every pull request description
+Use this if you want to stop supporting `encrypted` configuration capabilities but want to warn users first to migrate.
+If set to a string value, Renovate will:
+- log warnings with the `encryptedWarning` text
+- show the `encryptedWarning` text on the Dependency Dashboard of any repo using `encrypted` config
+- include the text as a warning in every pull request
 
 ## endpoint
 
diff --git a/lib/config/options/index.ts b/lib/config/options/index.ts
index a9367247418c1e..051ab46bae8929 100644
--- a/lib/config/options/index.ts
+++ b/lib/config/options/index.ts
@@ -630,7 +630,7 @@ const options: RenovateOptions[] = [
   {
     name: 'encryptedWarning',
     description:
-      'Renovate will print this string to the logs, and show it on your Dependency Dashboard, if it finds encrypted tokens in your Renovate configuration.',
+      'Warning text to use if encrypted config is found.',
     type: 'string',
     globalOnly: true,
   },