Clarified the hash issue further

draft/tutorial/control-access-to-mongodb-with-authentication.txt

@@ -203,21 +203,28 @@ Given this scenario, Eve can take the hash of Alice’s password from the
       { "_id": ObjectId("507420ba032a960d16f43951"), "user": "eve", "readOnly": false, "pwd": "5dcc2819b97e68d5cfe51da6cae8a7f6" }
 
    Alice has read and write accounts on both ``db1`` and ``db2`` and
-   also has access on the ``admin`` database. Consider the following:
+   also has access on the ``admin`` database. Consider the following
+   example where Alice authenticates to the ``admin`` db:
 
    .. code-block:: javascript
 
       use admin
       db.auth("alice", "pass")
 
+   Running a ``find`` on the ``system.users`` collection:
+
+   .. code-block:: javascript
+
       db.system.users.find()
 
-   This operation returns the following document:
+   shows the same password has been used and the hash is the same:
 
    .. code-block:: javascript
 
       { "_id": ObjectId("50742045032a960d16f43950"), "user": "alice", "readOnly": false, "pwd": "ac2061b4a08ef8f2d60a07dc18ab4a0a" }
 
+We would like to thank Will Urbanksi, from Dell SecureWorks, for helping 10gen here.
+
 Configuration Considerations for Authentication
 -----------------------------------------------