diff --git a/htdocs/core/ajax/security.php b/htdocs/core/ajax/security.php
index 5bdd45c75d4..13a1d32dacf 100644
--- a/htdocs/core/ajax/security.php
+++ b/htdocs/core/ajax/security.php
@@ -17,7 +17,8 @@
 
 /**
  *       \file       htdocs/core/ajax/security.php
- *       \brief      File for return security data
+ *       \brief      This ajax component is used to generated has keys for security purposes 
+ *                   like key to use into URL to protect them. 
  */
 
 if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL','1'); // Disables token renewal
@@ -33,10 +34,6 @@ require '../../main.inc.php';
  * View
  */
 
-// Ajout directives pour resoudre bug IE
-//header('Cache-Control: Public, must-revalidate');
-//header('Pragma: public');
-
 //top_htmlhead("", "", 1);  // Replaced with top_httphead. An ajax page does not need html header.
 top_httphead();
 
@@ -48,7 +45,7 @@ if (isset($_GET['action']) && ! empty($_GET['action']))
 	if ($_GET['action'] == 'getrandompassword' && $user->admin)
 	{
         require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
-	    $generic = $_GET['generic'];
+	    $generic = $_GET['generic'] ? true : false;
 		echo getRandomPassword($generic);
 	}
 }
diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php
index 78f8309a05b..0e7f74b32f7 100644
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
@@ -90,7 +90,7 @@ function dol_hash($chain,$type=0)
 	else if (! empty($conf->global->MAIN_SECURITY_HASH_ALGO) && $conf->global->MAIN_SECURITY_HASH_ALGO == 'sha1') return sha1($chain);
 	else if (! empty($conf->global->MAIN_SECURITY_HASH_ALGO) && $conf->global->MAIN_SECURITY_HASH_ALGO == 'sha1md5') return sha1(md5($chain));
 
-	// No enconding defined
+	// No particular enconding defined, use default
 	return md5($chain);
 }
 
diff --git a/htdocs/core/lib/security2.lib.php b/htdocs/core/lib/security2.lib.php
index 04e0fb133f6..3297047bef5 100644
--- a/htdocs/core/lib/security2.lib.php
+++ b/htdocs/core/lib/security2.lib.php
@@ -439,7 +439,7 @@ function encodedecode_dbpassconf($level=0)
 /**
  * Return a generated password using default module
  *
- * @param		boolean		$generic		true=Create generic password (use default crypt function), false=Use the configured password generation module
+ * @param		boolean		$generic		true=Create generic password (use md5, sha1 depending on setup), false=Use the configured password generation module
  * @return		string						New value for password
  */
 function getRandomPassword($generic=false)