diff --git a/src/subsonic.rs b/src/subsonic.rs
index 427990a..f62cb19 100644
--- a/src/subsonic.rs
+++ b/src/subsonic.rs
@@ -19,7 +19,8 @@ pub enum Error {
 
 impl From<reqwest::Error> for Error {
     fn from(err: reqwest::Error) -> Self {
-        Self::ReqwestError(err)
+        // don't print secret salt/token combo
+        Self::ReqwestError(err.without_url())
     }
 }
 
@@ -41,6 +42,7 @@ impl Client {
     pub fn with_password(url: &str, username: &str, password: &[u8]) -> Result<Self, Error> {
         const SALT_BYTES: usize = 8;
 
+        // subsonic docs say to generate a salt per request, but that's completely unnecessary
         let mut salt = vec![0u8; SALT_BYTES];
         openssl::rand::rand_bytes(&mut salt).expect("could not generate random salt");
         let salt_hex = to_hex_str(&salt);