diff --git a/src/Symfony/Component/Security/Core/Encoder/PlaintextPasswordEncoder.php b/src/Symfony/Component/Security/Core/Encoder/PlaintextPasswordEncoder.php
index bda6269a5201..e2c127aa538f 100644
--- a/src/Symfony/Component/Security/Core/Encoder/PlaintextPasswordEncoder.php
+++ b/src/Symfony/Component/Security/Core/Encoder/PlaintextPasswordEncoder.php
@@ -14,7 +14,9 @@
 use Symfony\Component\Security\Core\Exception\BadCredentialsException;
 
 /**
- * PlaintextPasswordEncoder does not do any encoding.
+ * PlaintextPasswordEncoder does not do any encoding but is useful in testing environments.
+ *
+ * As this encoder is not cryptographically secure, usage of it in production environments is discouraged.
  *
  * @author Fabien Potencier <fabien@symfony.com>
  */