diff --git a/examples/device/hid_cdc_passkey/src/main.c b/examples/device/hid_cdc_passkey/src/main.c
index 3f5da50d1..04c8c8980 100644
--- a/examples/device/hid_cdc_passkey/src/main.c
+++ b/examples/device/hid_cdc_passkey/src/main.c
@@ -64,10 +64,10 @@ static struct config_t {
   uint8_t crc; // simple XOR CRC to check config validity
 } config;
 
-// page to store manufacturer key (can't be corrupter by save config)
-#define FLASH_MANUF_ADDR         ((uint32_t)0x08000000 + 0x400 * 26)
+// page to store manufacturer key (can't be corrupted by save config)
+#define FLASH_MANUF_ADDR         ((uint32_t)0x08000000 + 0x400 * 30)
 // last available page of last sector to store config
-#define FLASH_CONFIG_ADDR       ((uint32_t)0x08000000 + 0x400 * 27)
+#define FLASH_CONFIG_ADDR       ((uint32_t)0x08000000 + 0x400 * 31)
 
 // the credentials to store and repeat
 static char username[64] = {0}; // the credentials username
@@ -222,7 +222,7 @@ static void save_manuf(void)
     goto end;
   }
   for (uint16_t i = 0; i < sizeof(manuf_key); i += 4) {
-    const uint32_t address = FLASH_CONFIG_ADDR + i;
+    const uint32_t address = FLASH_MANUF_ADDR + i;
     uint32_t data;
     memcpy(&data, (uint8_t*)&manuf_key[i], sizeof(data)); // works even if the data it not aligned
     if (HAL_FLASH_Program(FLASH_TYPEPROGRAM_WORD, address, data) != HAL_OK) {
@@ -606,8 +606,8 @@ void cdc_task(void)
                   tud_cdc_write_str_flush(tmp);
                   tud_cdc_write_str_flush("\" | sha256sum\r\n");
                   tud_cdc_write_str_flush(hash_str); // luckily the USB packet len is the same as the string
-                  tud_cdc_write_str_flush("\r\n");
                 }
+                str = "\r\n";
               } else {
                 str = "\r\ninvalid input\r\n";
               }