diff --git a/src/Symfony/Component/Security/Core/Encoder/PlaintextPasswordEncoder.php b/src/Symfony/Component/Security/Core/Encoder/PlaintextPasswordEncoder.php
index bda6269a52..9e6c7570d8 100644
--- a/src/Symfony/Component/Security/Core/Encoder/PlaintextPasswordEncoder.php
+++ b/src/Symfony/Component/Security/Core/Encoder/PlaintextPasswordEncoder.php
@@ -14,7 +14,9 @@ namespace Symfony\Component\Security\Core\Encoder;
 use Symfony\Component\Security\Core\Exception\BadCredentialsException;
 
 /**
- * PlaintextPasswordEncoder does not do any encoding.
+ * PlaintextPasswordEncoder does not do any encoding but is useful in testing environments.
+ *
+ * As this encoder is not cryptographically secure, usage of it in production environments is not recommended.
  *
  * @author Fabien Potencier <fabien@symfony.com>
  */