diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md
index f4f7a6860f..614cd3be6f 100644
--- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md
+++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md
@@ -83,7 +83,7 @@ The certificate template is configured to supersede all the certificate template
 > [!NOTE]
 > The CA issuing the domain controller certificate must be included in the NTAuth store. By default, the Active Directory Certificate Authority's root certificate is added to the NTAuth store. If you are using a multi-tier CA hierarchy or a third-party CA, this may not be done by default. If the Domain Controller certificate does not directly chain to a CA certificate in the NTAuth store, user authentication will fail.
 
-To check the NTAuth certificate, you can use the below powershell command
+The following PowerShell command can be used to check the NTAuth certificate:
 
 ```powershell
 Certutil -viewstore -enterprise NTAuth