diff --git a/book/security.rst b/book/security.rst
index e9dc4df6826..713d291b8ce 100644
--- a/book/security.rst
+++ b/book/security.rst
@@ -1117,6 +1117,10 @@ In order for this to work, just make sure that you have the encoder for your
 user class (e.g. ``AppBundle\Entity\User``) configured under the ``encoders``
 key in ``app/config/security.yml``.
 
+The ``$encoder`` object also has an ``isPasswordValid`` method, which takes
+the ``User`` object as the first argument and the plain password to check
+as the second argument.
+
 .. caution::
 
     When you allow a user to submit a plaintext password (e.g. registration