diff --git a/man/cryptsetup-luksChangeKey.8.adoc b/man/cryptsetup-luksChangeKey.8.adoc index 23376c0c..decf7178 100644 --- a/man/cryptsetup-luksChangeKey.8.adoc +++ b/man/cryptsetup-luksChangeKey.8.adoc @@ -34,6 +34,10 @@ been wiped and make the LUKS container inaccessible. LUKS2 mitigates that by never overwriting existing keyslot area as long as there's a free space in keyslots area at least for one more LUKS2 keyslot. +*WARNING:* If you need to use both luksChangeKey and reencrypt (e.g. +to recover from a leak) you need to use them in that order to not leak +the new volume key. + *NOTE:* some parameters are effective only if used with LUKS2 format that supports per-keyslot parameters. For LUKS1, PBKDF type and hash algorithm is always the same for all keyslots. diff --git a/man/cryptsetup-reencrypt.8.adoc b/man/cryptsetup-reencrypt.8.adoc index 387b0a99..845d6f42 100644 --- a/man/cryptsetup-reencrypt.8.adoc +++ b/man/cryptsetup-reencrypt.8.adoc @@ -34,6 +34,9 @@ You can regenerate *volume key* (the real key used in on-disk encryption unlocked by passphrase), *cipher*, *cipher mode* or *encryption sector size* (LUKS2 only). +*WARNING:* If you need to use both luksChangeKey and reencrypt (e.g. to recover +from a leak) you need to use them in that order to not leak the new volume key. + Reencryption process may be safely interrupted by a user via SIGINT signal (ctrl+c). Same applies to SIGTERM signal (i.e. issued by systemd during system shutdown).
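Review bot: In the man/cryptsetup-luksChangeKey.8.adoc hunk, the added WARNING says "you need to use them in that order", but the order is only implied by the sequence in which the two command names appear earlier in the sentence. Spell it out, for example "run luksChangeKey first, then reencrypt". The sentence also gives the consequence ("to not leak the new volume key") without saying why the reverse order would leak it. A short clause with the reason would let readers apply the rule to their own recovery procedure.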
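Review bot: In the man/cryptsetup-reencrypt.8.adoc hunk, the added WARNING writes volume key as plain text while the context paragraph directly above it marks the term as *volume key*. Use the same markup so the warning visibly refers to the term just defined. The warning text is also a copy of the one added to the luksChangeKey page, but it is wrapped differently (this copy breaks after "(e.g. to recover", the other after "(e.g."). Keeping the two copies identical in wording and wrapping makes it easier to keep them in sync later. The ambiguity of "in that order" applies here as well, so name the command that must run first.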