diff --git a/src/Identity/Core/src/SignInManager.cs b/src/Identity/Core/src/SignInManager.cs
index e54c0f6155..5aa7aad531 100644
--- a/src/Identity/Core/src/SignInManager.cs
+++ b/src/Identity/Core/src/SignInManager.cs
@@ -296,12 +296,12 @@ namespace Microsoft.AspNetCore.Identity
         }
 
         /// <summary>
-        /// Validates the security stamp for the specified <paramref name="user"/>. Will always return false
-        /// if the userManager does not support security stamps.
+        /// Validates the security stamp for the specified <paramref name="user"/>.  If no user is specified, or if the store
+        /// does not support security stamps, validation is considered successful.
         /// </summary>
         /// <param name="user">The user whose stamp should be validated.</param>
         /// <param name="securityStamp">The expected security stamp value.</param>
-        /// <returns>True if the stamp matches the persisted value, otherwise it will return false.</returns>
+        /// <returns>The result of the validation.</returns>
         public virtual async Task<bool> ValidateSecurityStampAsync(TUser user, string securityStamp)
             => user != null &&
             // Only validate the security stamp if the store supports it