Be really explicit about what's good and bad
diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst
index 7d3b072..1aeb2a5 100644
--- a/docs/hazmat/primitives/symmetric-encryption.rst
+++ b/docs/hazmat/primitives/symmetric-encryption.rst
@@ -163,9 +163,29 @@
to be kept secret (they can be included
in a transmitted message). Must be the
same number of bytes as the
- ``block_size`` of the cipher. Do not
- reuse an ``initialization_vector`` with
- a given ``key``.
+ ``block_size`` of the cipher. Each time
+ someting is encrypted a new
+ ``initialization_vector`` should be
+ generated. Do not reuse an
+ ``initialization_vector`` with
+ a given ``key``, and particularly do
+ not use a constant
+ ``initialization_vector``.
+
+ A good construction looks like:
+
+ .. code-block:: pycon
+
+ >>> import os
+ >>> iv = os.urandom(16)
+ >>> mode = CBC(iv)
+
+ While the following is bad and will leak information:
+
+ .. code-block:: pycon
+
+ >>> iv = "a" * 16
+ >>> mode = CBC(iv)
.. class:: CTR(nonce)