diff --git a/env.example b/env.example
index 7772717..99a4629 100644
--- a/env.example
+++ b/env.example
@@ -11,31 +11,6 @@
 ################################################################################
 
 
-# Security
-#
-# Set these to strong passwords to avoid intruders from impersonating a service account
-# The service(s) won't start unless these are specified
-# Running ./gen-passwords.sh will update .env with strong passwords
-# You may skip the Jigasi and Jibri passwords if you are not using those
-# DO NOT reuse passwords
-#
-
-# XMPP password for Jicofo client connections
-JICOFO_AUTH_PASSWORD=
-
-# XMPP password for JVB client connections
-JVB_AUTH_PASSWORD=
-
-# XMPP password for Jigasi MUC client connections
-JIGASI_XMPP_PASSWORD=
-
-# XMPP recorder password for Jibri client connections
-JIBRI_RECORDER_PASSWORD=
-
-# XMPP password for Jibri client connections
-JIBRI_XMPP_PASSWORD=
-
-
 #
 # Basic configuration options
 #
@@ -60,6 +35,7 @@ TZ=UTC
 # https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-docker#running-behind-nat-or-on-a-lan-environment
 #DOCKER_HOST_ADDRESS=192.168.1.1
 
+
 #
 # Let's Encrypt configuration
 #
@@ -119,6 +95,7 @@ ETHERPAD_SKIN_VARIANTS="super-light-toolbar super-light-editor light-background
 # SIP server transport
 #JIGASI_SIP_TRANSPORT=UDP
 
+
 #
 # Authentication configuration (see handbook for details)
 #
@@ -147,7 +124,6 @@ ETHERPAD_SKIN_VARIANTS="super-light-toolbar super-light-editor light-background
 # (Optional) Set asap_accepted_audiences as a comma separated list
 #JWT_ACCEPTED_AUDIENCES=my_server1,my_server2
 
-
 # LDAP authentication (for more information see the Cyrus SASL saslauthd.conf man page)
 #
 
@@ -195,3 +171,30 @@ ETHERPAD_SKIN_VARIANTS="super-light-toolbar super-light-editor light-background
 
 # Container restart policy
 RESTART_POLICY=unless-stopped
+
+
+#
+# Security
+#
+# Set these to strong passwords to avoid intruders from impersonating a service account
+# The service(s) won't start unless these are specified
+# Running ./gen-passwords.sh will update .env with strong passwords
+# You may skip the Jigasi and Jibri passwords if you are not using those
+# DO NOT reuse passwords
+#
+
+# XMPP password for Jicofo client connections
+JICOFO_AUTH_PASSWORD=
+
+# XMPP password for JVB client connections
+JVB_AUTH_PASSWORD=
+
+# XMPP password for Jigasi MUC client connections
+JIGASI_XMPP_PASSWORD=
+
+# XMPP recorder password for Jibri client connections
+JIBRI_RECORDER_PASSWORD=
+
+# XMPP password for Jibri client connections
+JIBRI_XMPP_PASSWORD=
+