diff --git a/specs/credentialmanagement/index.src.html b/specs/credentialmanagement/index.src.html
index c871fc12..5df3410d 100644
--- a/specs/credentialmanagement/index.src.html
+++ b/specs/credentialmanagement/index.src.html
@@ -625,18 +625,16 @@ <h3 id="interfaces-request-options">get Options</h3>
 
   <pre class="idl">
     dictionary CredentialRequestOptions {
-      boolean acceptPasswords = true;
+      boolean excludePasswords = false;
       sequence&lt;USVString&gt; federations;
       boolean suppressUI = false;
     };
   </pre>
   <dl dfn-for="CredentialRequestOptions">
-    <dt><dfn dict-member>acceptPasswords</dfn></dt>
+    <dt><dfn dict-member>excludePasswords</dfn></dt>
     <dd>
-      If <code>true</code>, the user agent will return {{LocalCredential}}
+      If <code>true</code>, the user agent will not return {{LocalCredential}}
       objects in response to a request.
-
-      ISSUE(w3c/webappsec#249): Anne notes that this should be inversed.
     </dd>
     <dt><dfn dict-member>federations</dfn></dt>
     <dd>
@@ -661,7 +659,7 @@ <h3 id="interfaces-request-options">get Options</h3>
 
     <pre>
       navigator.<a idl>credentials</a>.<a idl lt="get()">get</a>({
-        "<a idl>acceptPasswords</a>": false,
+        "<a idl>excludePasswords</a>": true,
         "<a idl>federations</a>": [ "https://identity.example.com/" ]
       }).then(function (credential) {
         // ...
@@ -675,7 +673,7 @@ <h3 id="interfaces-request-options">get Options</h3>
 
     <pre>
       navigator.<a idl>credentials</a>.<a idl lt="get()">get</a>({
-        "<a idl>acceptPasswords</a>": false,
+        "<a idl>excludePasswords</a>": true,
         "<a idl>federations</a>": [ "https://identity.example.com/" ],
         "<a idl>suppressUI</a>": true
       }).then(function (credential) {