diff --git a/README.md b/README.md
index 8b7b582..83c9f7a 100644
--- a/README.md
+++ b/README.md
@@ -224,11 +224,12 @@ For each model:
 
 #### 3.1 Add Protection
 
-Remove any `attr_accessible` or `attr_protected` declarations and include
+Remove any `attr_accessible` declarations, create an `attr_protected` declaration with no arguments, and include
 `ActiveModel::ForbiddenAttributesProtection`:
 
 ``` ruby
 class Post < ActiveRecord::Base
+  attr_protected
   include ActiveModel::ForbiddenAttributesProtection
 end
 ```
@@ -257,16 +258,17 @@ Ready to work on the next model.
 
 ### 4 Add Protection Globally
 
-Once all models are done, remove their inclusion of the protecting module:
+Once all models are done, remove their inclusion of the protecting module and the `attr_protected`:
 
 ``` ruby
 class Post < ActiveRecord::Base
-  # REMOVE THIS LINE IN EVERY PERSISTENT MODEL
+  # REMOVE THESE TWO LINES IN EVERY PERSISTENT MODEL
+  attr_protected
   include ActiveModel::ForbiddenAttributesProtection
 end
 ```
 
-and add it globally in an initializer:
+and add the the protecting module globally in an initializer:
 
 ``` ruby
 # config/initializers/strong_parameters.rb
@@ -275,6 +277,12 @@ ActiveRecord::Base.class_eval do
 end
 ```
 
+Also delete this line from `config/application.rb` or set it to false:
+
+``` ruby
+config.active_record.whitelist_attributes = true
+```
+
 ### 5 Upgrade to Rails 4
 
 To upgrade to Rails 4 just remove the previous initializer, everything else is