diff --git a/lib/ansible/modules/user.py b/lib/ansible/modules/user.py
index b81258153fd..97b8bf2f715 100644
--- a/lib/ansible/modules/user.py
+++ b/lib/ansible/modules/user.py
@@ -92,6 +92,8 @@ options:
             - B(Linux/Unix/POSIX:) Enter the hashed password as the value.
             - See L(FAQ entry,https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module)
               for details on various ways to generate the hash of a password.
+            - The value is written directly to C(/etc/shadow) without any validation. The module has no way to verify/validate the value.
+              This typically breaks authentication, but can be used intentionally to lock an account.
             - To create an account with a locked/disabled password on Linux systems, set this to V('!') or V('*').
             - To create an account with a locked/disabled password on OpenBSD, set this to V('*************').
             - B(OS X/macOS:) Enter the cleartext password as the value. Be sure to take relevant security precautions.