diff --git a/src/components/NavigationDocs.jsx b/src/components/NavigationDocs.jsx
index 234babad..6005db85 100644
--- a/src/components/NavigationDocs.jsx
+++ b/src/components/NavigationDocs.jsx
@@ -51,6 +51,7 @@ export const docsNavigation = [
{ title: 'Use setup keys for automation', href: '/how-to/register-machines-using-setup-keys' },
{ title: 'Manage network access', href: '/how-to/manage-network-access' },
{ title: 'Enforce periodic authentication', href: '/how-to/enforce-periodic-user-authentication' },
+ { title: 'Enable post-quantum cryptography', href: '/how-to/enable-post-quantum-cryptography' },
{ title: 'Route traffic to private networks', href: '/how-to/routing-traffic-to-private-networks' },
{ title: 'Manage DNS in your network', href: '/how-to/manage-dns-in-your-network' },
{ title: 'Monitor system and network activity', href: '/how-to/monitor-system-and-network-activity' },
diff --git a/src/pages/how-to/enable-post-quantum-cryptography.mdx b/src/pages/how-to/enable-post-quantum-cryptography.mdx
new file mode 100644
index 00000000..bf7c80a7
--- /dev/null
+++ b/src/pages/how-to/enable-post-quantum-cryptography.mdx
@@ -0,0 +1,56 @@
+import {Note} from "@/components/mdx";
+
+# Enable post-quantum cryptography
+Post-quantum cryptography aims to mitigate risks associated with quantum computing's potential to undermine existing encryption methods.
+Current concerns include the possibility of bad actors collecting encrypted network traffic to decrypt it once quantum computers become available.
+This 'harvest and decrypt later' strategy threatens the confidentiality of presently secure communications.
+[Rosenpass](https://rosenpass.eu), a post-quantum secure protocol, addresses these concerns by offering advanced cryptographic measures to protect VPN connections against such future threads.
+
+
+## About Rosenpass
+[Rosenpass](https://rosenpass.eu) is a post-quantum secure key-exchange protocol that enhances [WireGuard](https://www.wireguard.com/) VPNs against quantum computer attacks.
+It employs advanced cryptographic methods [Classic McEliece](https://classic.mceliece.org) and [Kyber](https://pq-crystals.org/kyber/).
+The software is [open-source](https://github.com/rosenpass/rosenpass) and designed for easy integration with existing WireGuard installations.
+It ensures future-proof security against quantum threats by continuously generating and rotating WireGuard pre-shared keys every two minutes.
+Rosenpass can also be used as a generic key-exchange mechanism for other protocols.
+
+Starting [v0.25.4](https://github.com/netbirdio/netbird/releases), the NetBird agent runs an embedded Rosenpass server
+that automatically rotates and applies WireGuard pre-shared keys to every point-to-point connection.
+
+ NetBird uses a [Golang implementation](https://github.com/cunicu/go-rosenpass) of the Rosenpass protocol by the [cunīcu](https://cunicu.li) project.
+
+
+## Enable Rosenpass in NetBird
+
+ This is still an experimental feature, may contain bugs, and is not supported on mobile devices.
+
+Rosenpass can be enabled by setting a flag on client start-up.
+```bash
+netbird up --enable-rosenpass
+```
+Rosenpass respects a provided pre-shared key and uses it for its initial key generation. It is possible to define a manually generated pre-shared key.
+```bash
+netbird up --enable-rosenpass --preshared-key
+```
+This configuration is persistent and preserved by the agent during restarts.
+
+
+ If the Rosenpass feature is enabled on a peer it will only be able to communicate with other peers that have Rosenpass enabled.
+
+
+## Disable Rosenpass
+To disable Rosenpass again use the following command.
+```bash
+netbird down
+netbird up --enable-rosenpass=false
+```
+
+## Get started
+
+
+
+
+- Make sure to [star us on GitHub](https://github.com/netbirdio/netbird)
+- Follow us [on Twitter](https://twitter.com/netbird)
+- Join our [Slack Channel](https://join.slack.com/t/netbirdio/shared_invite/zt-vrahf41g-ik1v7fV8du6t0RwxSrJ96A)
+- NetBird [latest release](https://github.com/netbirdio/netbird/releases) on GitHub
\ No newline at end of file