update articles with proper linking

_articles/account/how-to-change-your-email.md

@@ -9,7 +9,7 @@ tags: [account, email]
 
 Your email address can only be changed from the [web vault](https://vault.bitwarden.com).
 
-1. Log in to the [web vault](https://vault.bitwarden.com) at https://vault.bitwarden.com.
+1. Log in to the web vault at <https://vault.bitwarden.com>
 2. Click **Settings** on the sidebar 
 3. Click **Change Email** under the **General** panel
 4. Type in your master password and the email you want to use

_articles/account/how-to-change-your-master-password.md

@@ -9,7 +9,7 @@ tags: [password, account]
 
 The master password can only be changed from the [web vault](https://vault.bitwarden.com).
 
-1. Log in to the [web vault](https://vault.bitwarden.com) at https://vault.bitwarden.com.
+1. Log in to the web vault at <https://vault.bitwarden.com>
 2. Click **Settings** on the sidebar 
 3. Click **Change Master Password** under the **Master Password** panel
 4. Type in your current password, the new password you want, and then re-type to confirm

_articles/account/how-to-setup-two-step-login.md

@@ -9,12 +9,12 @@ tags: [two-step login, 2fa, two factor authentication, account]
 
 Two-step login (or two-factor authentication) can only be configured from the [web vault](https://vault.bitwarden.com).
 
-1. Log in to the [web vault](https://vault.bitwarden.com) at https://vault.bitwarden.com
+1. Log in to the web vault at <https://vault.bitwarden.com>
 2. Click **Settings** on the sidebar 
 3. Click **Manage Two-step Log in** under the **Two-step Log In** panel  
 4. Type in your current password and click **Continue**
 5. Follow the steps that appear
-   - Download a two-step verification app (usually on your mobile device). We recommend [Authy](https://authy.com/).
+   - Download a two-step verification app (usually on your mobile device). We recommend [Authy](https://authy.com/){:target="_blank"}.
    - Scan the QR code with the verification app.
    - Enter the verification code from the app.
 6. Click **Enable Two-step**. Note:

_articles/security/can-bitwarden-see-my-passwords.md

@@ -9,10 +9,6 @@ tags: []
 
 No.
 
-Since your data is fully encrypted and/or hashed before ever leaving **your** local device, no one from the bitwarden
+Since your data is fully encrypted and/or hashed before ever leaving **your** local device, no one from the bitwarden team can ever see, read, or reverse engineer to get to your real data. bitwarden servers only store encrypted and hashed data. This is an important step that bitwarden takes to protect you.
-team can ever see, read, or reverse engineer to get to your real data. bitwarden servers only store encrypted and hashed
-data. This is an important step that bitwarden takes to protect you.
 
-You can read more about how your data is encrypted and transmitted [here][whatencryption].
+You can read more about how your data is encrypted and transmitted [here]({% link _articles/security/what-encryption-is-used.md %}).
-
-[whatencryption]: https://help.bitwarden.com/security/what-encryption-is-used/

_articles/security/cloud-server-security.md

@@ -4,12 +4,7 @@ title: How do you keep the cloud servers secure?
 categories: [Security]
 featured: true
 popular: false
-tags: [cloud]
+tags: [cloud, azure]
 ---
 
-bitwarden processes and stores all data securely in the [Microsoft Azure cloud][azure] using services that are managed by the
+bitwarden processes and stores all data securely in the [Microsoft Azure cloud](https://en.wikipedia.org/wiki/Microsoft_Azure){:target="_blank"} using services that are managed by the team at Microsoft. Since bitwarden only uses service offerings provided by Azure, there is no server infrastructure to manage and maintain. All uptime, scalability, and security updates and guarantees are backed by Microsoft and their cloud infrastructure.
-team at Microsoft. Since bitwarden only uses service offerings provided by Azure, there is no server infrastructure to
-manage and maintain. All uptime, scalability, and security updates and guarantees are backed by Microsoft and their cloud
-infrastructure.
-
-[azure]: https://azure.com

_articles/security/how-is-data-securely-transmitted-and-stored.md

@@ -7,16 +7,8 @@ popular: false
 tags: [encryption]
 ---
 
-bitwarden takes security very seriously when it comes to handling your sensitive data. Your data is never sent to the
+bitwarden takes security very seriously when it comes to handling your sensitive data. Your data is never sent to the bitwarden cloud servers without first being encrypted on your local device using [AES](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard){:target="blank"} 256 bit encryption. You can read more about bitwarden encryption [here]({% link _articles/security/what-encryption-is-used.md %}). bitwarden never stores meaningful data on its servers.
-bitwarden cloud servers without first being encrypted on your local device using [AES][aes] 256 bit encryption. You can read
-more about bitwarden encryption [here][encryption]. bitwarden never stores meaningful data on its servers.
 
-When your devices sync with the bitwarden cloud servers, a copy of the encrypted data is downloaded and securely stored
+When your devices sync with the bitwarden cloud servers, a copy of the encrypted data is downloaded and securely stored to your local device. Whenever you use the bitwarden apps or extensions your data is decrypted only in memory as needed. Data is never stored in its decrypted form on the remote bitwarden servers or on your local device.
-to your local device. Whenever you use the bitwarden apps or extensions your data is decrypted only in memory as needed.
-Data is never stored in its decrypted form on the remote bitwarden servers or on your local device.
 
-bitwarden servers are securely hosted and managed in the [Microsoft Azure cloud][azure].
+bitwarden servers are securely hosted and managed in the [Microsoft Azure cloud](https://en.wikipedia.org/wiki/Microsoft_Azure){:target="_blank"}.
-
-[aes]: https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
-[encryption]: https://help.bitwarden.com/security/what-encryption-is-used/
-[azure]: https://azure.com

_articles/security/password-salt-hash.md

@@ -9,11 +9,6 @@ tags: [encryption, hash]
 
 Yes.
 
-bitwarden salts and hashes your master password with your email address on the client (your computer/device) before it is
+bitwarden salts and hashes your master password with your email address on the client (your computer/device) before it is transmitted to our servers. Once the server receives the hashed password from your computer/device it is then salted again with a cryptographically secure random value, hashed again and stored in our database. This process is repeated and hashes are compared every time you log in.
-transmitted to our servers. Once the server receives the hashed password from your computer/device it is then salted
-again with a cryptographically secure random value, hashed again and stored in our database. This process is repeated and
-hashes are compared every time you log in.
 
-The hashing functions that are used are one way hashes. This means that they cannot be reverse engineered by anyone at
+The hashing functions that are used are one way hashes. This means that they cannot be reverse engineered by anyone at bitwarden to reveal your true master password. In the hypothetical event that the bitwarden servers were hacked and your data was leaked, the data would have **no value** to the hacker.
-bitwarden to reveal your true master password. In the hypothetical event that the bitwarden servers were hacked and your
-data was leaked, the data would have **no value** to the hacker.

_articles/security/what-encryption-is-used.md

@@ -7,27 +7,23 @@ popular: false
 tags: [encryption]
 ---
 
-bitwarden uses [AES][aes] 256 bit encryption as well as [PBKDF2][pbkdf2] to secure your data.
+bitwarden uses [AES][aes]{:target="blank"} 256 bit encryption as well as [PBKDF2][pbkdf2]{:target="blank"} to secure your data.
 
-[AES][aes] is used by the US government and other government agencies around the world for protecting top secret data. With
+[AES][aes]{:target="blank"} is used by the US government and other government agencies around the world for protecting top secret data. With proper implementation and a strong encryption key (your master password), AES is considered unbreakable.
-proper implementation and a strong encryption key (your master password), AES is considered unbreakable.
 
-[PBKDF2][pbkdf2] is used to derive the encryption key from your master password. This key is then salted and hashed.
+[PBKDF2][pbkdf2]{:target="blank"} is used to derive the encryption key from your master password. This key is then salted and hashed.
 
-bitwarden does not write any crypto code. bitwarden only invokes crypto from popular and reputable crypto libraries that are
+bitwarden does not write any crypto code. bitwarden only invokes crypto from popular and reputable crypto libraries that are written and maintained by cryptography experts. The following crypto libraries are used:
-written and maintained by cryptography experts. The following crypto libraries are used:
 
 - Javascript (web and browser extension vaults)
-  - [Forge][forge]
+  - [Forge][forge]{:target="blank"}
-  - [Web Crypto][webcrypto]
+  - [Web Crypto][webcrypto]{:target="blank"}
 - C# (mobile vault)
   - CommonCrypto (iOS, Apple)
   - Javax.Crypto (Android, Oracle)
-  - [BouncyCastle][bouncy] (Android)
+  - [BouncyCastle][bouncy]{:target="blank"} (Android)
 
-bitwarden **always** encrypts and/or hashes your data on your local device before it is ever sent to the cloud servers for
+bitwarden **always** encrypts and/or hashes your data on your local device before it is ever sent to the cloud servers for syncing. The bitwarden servers are only used for storing encrypted data. It is not possible to get your unencrypted data from the bitwarden cloud servers.
-syncing. The bitwarden servers are only used for storing encrypted data. It is not possible to get your unencrypted data from
-the bitwarden cloud servers.
 
 [aes]: https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
 [pbkdf2]: https://en.wikipedia.org/wiki/PBKDF2

_articles/security/what-happens-if-bitwarden-is-hacked.md

@@ -7,11 +7,6 @@ popular: false
 tags: [hacked]
 ---
 
-bitwarden takes extreme measures to ensure that its websites, application, and cloud servers are secure. Part of this security
+bitwarden takes extreme measures to ensure that its websites, application, and cloud servers are secure. Part of this security comes from the fact that [we rely on managed services and do not manage our cloud server infrastructure at all]({% link _articles/security/cloud-server-security.md %}).
-comes from the fact that [we rely on managed services and do not manage our cloud server infrastructure at all][cloud].
 
-However, if for some reason bitwarden were to get hacked and your data was exposed, your information is still protected. This is
+However, if for some reason bitwarden were to get hacked and your data was exposed, your information is still protected. This is because bitwarden uses strong encryption and one-way salted hashing. As long as you use a strong master password, your data is safe no matter who gets hold of it.
-because bitwarden uses strong encryption and one-way salted hashing. As long as you use a strong master password, your data is
-safe no matter who gets hold of it.
-
-[cloud]: https://help.bitwarden.com/security/cloud-server-security/

_articles/security/where-is-data-stored-cloud.md

@@ -7,8 +7,4 @@ popular: false
 tags: [cloud]
 ---
 
-bitwarden processes and stores all data securely in the [Microsoft Azure cloud][azure] using services that are managed by the
+bitwarden processes and stores all data securely in the [Microsoft Azure cloud](https://en.wikipedia.org/wiki/Microsoft_Azure){:target="_blank"} using services that are managed by the team at Microsoft. bitwarden does not manage any server infrastructure or security directly. All data is backed up multiple times over, again using services provided by Microsoft Azure.
-team at Microsoft. bitwarden does not manage any server infrastructure or security directly. All data is backed up multiple
-times over, again using services provided by Microsoft Azure.
-
-[azure]: https://azure.com

_articles/security/where-is-data-stored-computer.md

@@ -20,7 +20,4 @@ Your encrypted data can be found on your computer/device in the following locati
 - Android
   - `/data/data/com.x8bit.bitwarden/`
 
-You data is also automatically synced to our [cloud servers][cloud]. In the event that you need to recover your data due to
+You data is also automatically synced to our [cloud servers]({% link _articles/security/where-is-data-stored-cloud.md %}). In the event that you need to recover your data due to a device crash, simply reinstall the bitwarden application and log in and your data will be re-synced.
-a device crash, simply reinstall the bitwarden application and log in and your data will be re-synced.
-
-[cloud]: https://help.bitwarden.com/security/where-is-data-stored-cloud/

_articles/security/why-should-i-trust-bitwarden.md

@@ -7,12 +7,7 @@ popular: true
 tags: []
 ---
 
-1. bitwarden is 100% open source software. All of our source code is hosted on [GitHub][github] and is free for anyone
+1. bitwarden is 100% open source software. All of our source code is hosted on [GitHub](https://github.com/bitwarden){:target="_blank"} and is free for anyone to review. Hundreds of software developers follow bitwarden's source code projects (and you can too!).
-to review. Hundreds of software developers follow bitwarden's source code projects (and you can too!).
+2. We do not store your passwords. We store encrypted versions of your passwords [that only you can unlock]({% link _articles/security/can-bitwarden-see-my-passwords.md %}).
-2. We do not store your passwords. We store encrypted versions of your passwords [that only you can unlock][encrypted].
 Your sensitive information is all encrypted locally on your personal device before ever being sent to our cloud servers.
-3. bitwarden has a reputation. bitwarden is used by thousands of people. If we did anything questionable or risky we
+3. bitwarden has a reputation. bitwarden is used by thousands of people. If we did anything questionable or risky we would be out of business.
-would be out of business.
-
-[github]: https://github.com/bitwarden
-[encrypted]: https://help.bitwarden.com/security/can-bitwarden-see-my-passwords/

_sass/_help.scss

@@ -258,15 +258,20 @@ footer {
     }
 
     h2 {
-        font-size: $font-size-h2 * .6;
+        font-size: 20px;
     }
 
     h3 {
-        font-size: $font-size-base;
+        font-size: 16px;
     }
 
     h4 {
-        font-size: $font-size-base;
+        font-size: 16px;
+        font-weight: bold;
+    }
+
+    h5 {
+        font-size: 16px;
     }
 }