diff --git a/source/_docs/configuration/securing.markdown b/source/_docs/configuration/securing.markdown
index fa6e91f8d3c..afd3b5078e3 100644
--- a/source/_docs/configuration/securing.markdown
+++ b/source/_docs/configuration/securing.markdown
@@ -27,4 +27,6 @@ If you want to allow remote access, consider these additional points:
 - Protect your communication with a [self-signed certificate](/cookbook/tls_self_signed_certificate/).
 - Use a [proxy](/cookbook/apache_configuration/).
 
-
+<p class='note warning'>
+  If you've forwarded any ports to your Home Assistant system from the Internet then it *will* be found by others. Whether through services like Shodan, or direct port scanning, all systems on the Internet are routinely probed for accessible services. If you fail to set a password then it is simply a matter of time before somebody finds your system - potentially as little as a few hours.
+</p>