From 6803b7a263ec09d6fb88b785289562123007d787 Mon Sep 17 00:00:00 2001
From: DubhAd <DubhAd@users.noreply.github.com>
Date: Sun, 20 May 2018 10:08:49 +0100
Subject: [PATCH] Added a warning (#5404)

After yet another [I've been hacked](https://community.home-assistant.io/t/i-have-been-hacked/53723) post on the forum, thought it was about time to start making things a bit more obvious.
---
 source/_docs/configuration/securing.markdown | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/source/_docs/configuration/securing.markdown b/source/_docs/configuration/securing.markdown
index fa6e91f8d3c..afd3b5078e3 100644
--- a/source/_docs/configuration/securing.markdown
+++ b/source/_docs/configuration/securing.markdown
@@ -27,4 +27,6 @@ If you want to allow remote access, consider these additional points:
 - Protect your communication with a [self-signed certificate](/cookbook/tls_self_signed_certificate/).
 - Use a [proxy](/cookbook/apache_configuration/).
 
-
+<p class='note warning'>
+  If you've forwarded any ports to your Home Assistant system from the Internet then it *will* be found by others. Whether through services like Shodan, or direct port scanning, all systems on the Internet are routinely probed for accessible services. If you fail to set a password then it is simply a matter of time before somebody finds your system - potentially as little as a few hours.
+</p>