diff --git a/website/content/docs/concepts/password-policies.mdx b/website/content/docs/concepts/password-policies.mdx
index 2042f89a30..ae5c215f7a 100644
--- a/website/content/docs/concepts/password-policies.mdx
+++ b/website/content/docs/concepts/password-policies.mdx
@@ -316,7 +316,8 @@ are generated from must be no longer than 256 characters.
 #### Parameters
 
 - `charset` `(string: <required>)` – A string representation of the character set that this rule observes.
-  Accepts UTF-8 compatible strings. All characters within the string must be printable.
+  Accepts UTF-8 compatible strings. All characters within the string must be printable.  
+  Please note that the JSON output returned may be escaped for the special and control characters such as <,>,& etc as per the JSON specification.
 - `min-chars` `(int: 0)` - Specifies a minimum number of characters required from the charset specified in
   this rule. For example: if `min-chars = 2`, the password must have at least 2 characters from `charset`.