diff --git a/packages/accounts-passwords/passwords_server.js b/packages/accounts-passwords/passwords_server.js
index 96e06f1ca8..9340de71f4 100644
--- a/packages/accounts-passwords/passwords_server.js
+++ b/packages/accounts-passwords/passwords_server.js
@@ -181,6 +181,10 @@
         throw new Meteor.Error(403, "Validate email link expired");
       var userId = tokenDocument.userId;
       var email = tokenDocument.email;
+
+      // update the validated flag on the index in the emails array
+      // matching email (see
+      // http://www.mongodb.org/display/DOCS/Updating/#Updating-The%24positionaloperator)
       Meteor.users.update({_id: userId, "emails.email": email},
                           {$set: {"emails.$.validated": true}});
       Meteor.accounts._emailValidationTokens.remove({token: token});