diff --git a/activerecord/CHANGELOG b/activerecord/CHANGELOG
index 14da622a867493e9025fe4810159439aa8dae73a..e2cf06052567fa4e300abf22bab1c88f432af6b6 100644
--- a/activerecord/CHANGELOG
+++ b/activerecord/CHANGELOG
@@ -1,5 +1,7 @@
 *SVN*
+* Add docs explaining how to protect all attributes using attr_accessible with no arguments. Closes #9631 [boone, rmm5t]
+
 * Update add_index documentation to use new options api. Closes #9787 [kamal]
 * Allow find on a has_many association defined with :finder_sql to accept id arguments as strings like regular find does. Closes #9916 [krishna]
diff --git a/activerecord/lib/active_record/base.rb b/activerecord/lib/active_record/base.rb
index 48517d2ca80d062ba13f394eb85065049e741cc2..386f4912e476cabe5888ec575f2e5b6f483b5f90 100755
--- a/activerecord/lib/active_record/base.rb
+++ b/activerecord/lib/active_record/base.rb
@@ -623,6 +623,8 @@ def decrement_counter(counter_name, id)
 #
 # customer.credit_rating = "Average"
 # customer.credit_rating # => "Average"
+ #
+ # To start from an all-closed default and enable attributes as needed, have a look at attr_accessible.
 def attr_protected(*attributes)
 write_inheritable_array("attr_protected", attributes - (protected_attributes || []))
 end
@@ -634,7 +636,21 @@ def protected_attributes # :nodoc:
 # If this macro is used, only those attributes named in it will be accessible for mass-assignment, such as
 # new(attributes) and attributes=(attributes). This is the more conservative choice for mass-assignment
- # protection. If you'd rather start from an all-open default and restrict attributes as needed, have a look at
+ # protection.
+ #
+ # Example:
+ #
+ # class Customer < ActiveRecord::Base
+ # attr_accessible :phone, :email
+ # end
+ #
+ # Passing an empty argument list protects all attributes:
+ #
+ # class Product < ActiveRecord::Base
+ # attr_accessible # none
+ # end
+ #
+ # If you'd rather start from an all-open default and restrict attributes as needed, have a look at
 # attr_protected.
 def attr_accessible(*attributes)
 write_inheritable_array("attr_accessible", attributes - (accessible_attributes || []))
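Review bot: The new sentence "Passing an empty argument list protects all attributes" states a security guarantee that the lines visible here do not establish on their own: the macro only stores `attributes - (accessible_attributes || [])`, and whether an empty stored list is read as "nothing is accessible" rather than "no whitelist was declared" is decided by the mass-assignment filter outside this hunk. I would pin the documented behaviour with a test alongside this change: a model declaring a bare `attr_accessible`, asserting that `new(attributes)` and `attributes=(attributes)` set none of the passed values. The comment could also say what happens to attributes that are left out, e.g. `# Attributes not listed are skipped by mass-assignment; set them with their direct writer methods.`, which is presumably the same behaviour the attr_protected example documents and should be confirmed against the filter code. The body of attr_accessible continues past the end of the hunk.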