diff --git a/build/ublue-os-luks/luks-enable-tpm2-autounlock b/build/ublue-os-luks/luks-enable-tpm2-autounlock
index f22d991..1b08cae 100755
--- a/build/ublue-os-luks/luks-enable-tpm2-autounlock
+++ b/build/ublue-os-luks/luks-enable-tpm2-autounlock
@@ -1,11 +1,15 @@
 #!/bin/bash
 ## enable auto-unlock LUKS2 encrypted root on Fedora/Silverblue/maybe others
-set -euo pipefail
+set -eou pipefail
 
 [ "$UID" -eq 0 ] || { echo "This script must be run as root."; exit 1;}
 
-echo "This script utilizes systemd-cryptenroll to enable tpm2 auto-unlock."
+echo "This script uses systemd-cryptenroll to enable TPM2 auto-unlock."
 echo "You can review systemd-cryptenroll's manpage for more information."
+echo "This script will modify your system."
+echo "It will enable TPM2 auto-unlock of your LUKS partition for your root device!"
+echo "It will bind to PCR 7 only which is tied to your secureboot state."
+read -p "Are you sure are good with this and want to enable TPM2 auto-unlock? " -n 1 -r
 read -p "This will modify your system and enable TPM2 auto-unlock of your LUKS partition! Are you sure you are good with this? " -n 1 -r
 echo
 if [[ ! $REPLY =~ ^[Yy]$ ]]; then