diff --git a/src/Umbraco.Web.Common/Filters/UmbracoMemberAuthorizeFilter.cs b/src/Umbraco.Web.Common/Filters/UmbracoMemberAuthorizeFilter.cs
index 27c2922637..7f7dcde008 100644
--- a/src/Umbraco.Web.Common/Filters/UmbracoMemberAuthorizeFilter.cs
+++ b/src/Umbraco.Web.Common/Filters/UmbracoMemberAuthorizeFilter.cs
@@ -8,10 +8,12 @@ namespace Umbraco.Web.Common.Filters
 {
 
     /// <summary>
-    /// Ensures authorization is successful for a back office user.
+    /// Ensures authorization is successful for a front-end member
     /// </summary>
     public class UmbracoMemberAuthorizeFilter : IAuthorizationFilter
     {
+        // TODO: Lets revisit this when we get members done and the front-end working and whether it can be replaced or moved to an authz policy
+
         /// <summary>
         /// Comma delimited list of allowed member types
         /// </summary>
diff --git a/src/Umbraco.Web.Common/Filters/ValidateUmbracoFormRouteStringAttribute.cs b/src/Umbraco.Web.Common/Filters/ValidateUmbracoFormRouteStringAttribute.cs
index 45806b9d18..bbd3aa981e 100644
--- a/src/Umbraco.Web.Common/Filters/ValidateUmbracoFormRouteStringAttribute.cs
+++ b/src/Umbraco.Web.Common/Filters/ValidateUmbracoFormRouteStringAttribute.cs
@@ -22,6 +22,8 @@ namespace Umbraco.Web.Common.Filters
     public class ValidateUmbracoFormRouteStringAttribute : TypeFilterAttribute
     {
 
+        // TODO: Lets revisit this when we get members done and the front-end working and whether it can moved to an authz policy
+
         public ValidateUmbracoFormRouteStringAttribute() : base(typeof(ValidateUmbracoFormRouteStringFilter))
         {
             Arguments = new object[] { };
diff --git a/src/Umbraco.Web.Common/Install/InstallAuthorizeAttribute.cs b/src/Umbraco.Web.Common/Install/InstallAuthorizeAttribute.cs
index 6ccebc9b25..5490da961d 100644
--- a/src/Umbraco.Web.Common/Install/InstallAuthorizeAttribute.cs
+++ b/src/Umbraco.Web.Common/Install/InstallAuthorizeAttribute.cs
@@ -13,6 +13,8 @@ namespace Umbraco.Web.Common.Install
     /// </summary>
     public class InstallAuthorizeAttribute : TypeFilterAttribute
     {
+        // NOTE: This doesn't need to be an authz policy, it's only used for the installer
+
         public InstallAuthorizeAttribute() : base(typeof(InstallAuthorizeFilter))
         {
         }