diff --git a/docs/keycloak/delete-unverified-accounts.md b/docs/keycloak/delete-unverified-accounts.md
index cb1ff0c..9f237e3 100644
--- a/docs/keycloak/delete-unverified-accounts.md
+++ b/docs/keycloak/delete-unverified-accounts.md
@@ -12,7 +12,7 @@ Run following after SSH'ing to `nachtigall`.
 Credentials for the following command are in keepass. Create a keycloak
 config/credentials file at `/tmp/kcadm.config`:
 
-```
+```bash
 sudo --user keycloak kcadm.sh config credentials \
   --config /tmp/kcadm.config \
   --server https://auth.pub.solar \
@@ -22,7 +22,7 @@ sudo --user keycloak kcadm.sh config credentials \
 
 Get list of accounts without a verified email address:
 
-```
+```bash
 sudo --user keycloak kcadm.sh get \
   --config /tmp/kcadm.config \
   users \
@@ -35,7 +35,7 @@ Review list of accounts, especially check `createdTimestamp` if any accounts
 were created in the past 2 days. If so, delete those from the
 `/tmp/keycloak-unverified-accounts` file.
 
-```
+```bash
 createdTimestamps=( $( nix run nixpkgs#jq -- -r '.[].createdTimestamp' < /tmp/keycloak-unverified-accounts ) )
 
 # timestamps are in nanoseconds since epoch, so we need to strip the last three digits
@@ -46,17 +46,17 @@ vim /tmp/keycloak-unverified-accounts
 
 Check how many accounts are going to be deleted:
 
-```
+```bash
 jq -r '.[].id' < /tmp/keycloak-unverified-accounts | wc -l
 ```
 
-```
+```bash
 jq -r '.[].id' < /tmp/keycloak-unverified-accounts > /tmp/keycloak-unverified-account-ids
 ```
 
 Final check before deletion (dry-run):
 
-```
+```bash
 for id in $(cat /tmp/keycloak-unverified-account-ids)
   do
     echo sudo --user keycloak kcadm.sh delete \
@@ -68,7 +68,7 @@ for id in $(cat /tmp/keycloak-unverified-account-ids)
 
 THIS WILL DELETE ACCOUNTS:
 
-```
+```bash
 for id in $(cat /tmp/keycloak-unverified-account-ids)
   do
     sudo --user keycloak kcadm.sh delete \
@@ -77,3 +77,9 @@ for id in $(cat /tmp/keycloak-unverified-account-ids)
       --realm pub.solar
   done
 ```
+
+Delete the temp files:
+
+```bash
+sudo rm /tmp/kcadm.config /tmp/keycloak-unverified-accounts /tmp/keycloak-unverified-account-ids
+```