diff --git a/CHANGELOG.md b/CHANGELOG.md
index 73403111ac141553237a3f1691adc22ad2183a16..aa52d2b98fef19a8b1daffde3fb76e9107b6fa13 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Added ###
 
+* two new `password_method`s for the `pycaosdb.ini` and the
+  `configure_connection` function: `unauthenticated` for staying
+  unauthenticated (and using the anonymous user) and `auth_token`. If
+  `password_method == "auth_token"` the `auth_token` option is required as
+  well.
 * Empty string support (See caosdb-server#33)
 
 ### Changed ###
@@ -22,6 +27,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Deprecated ###
 
+* Setting the `auth_token` option without setting the `password_method` to
+  `auth_token`. This affects both the `pycaosdb.ini` and the
+  `configure_connection` function. During the deprecation phase it will be
+  assumed that `password_method` is `auth_token` if the the `auth_token` is
+  set.
+
 ### Removed ###
 
 ### Fixed ###