diff --git a/commands.cpp b/commands.cpp
index 2ee80e1..9ebc8db 100644
--- a/commands.cpp
+++ b/commands.cpp
@@ -580,7 +580,12 @@ int smudge (int argc, const char** argv)
 	std::cin.read(reinterpret_cast<char*>(header), sizeof(header));
 	if (std::cin.gcount() != sizeof(header) || std::memcmp(header, "\0GITCRYPT\0", 10) != 0) {
 		// File not encrypted - just copy it out to stdout
-		std::clog << "git-crypt: warning: file not encrypted" << std::endl; // TODO: display additional information explaining why file might be unencrypted
+		std::clog << "git-crypt: Warning: file not encrypted" << std::endl;
+		std::clog << "git-crypt: Run 'git-crypt status' to make sure all files are properly encrypted." << std::endl;
+		std::clog << "git-crypt: If 'git-crypt status' reports no problems, then an older version of" << std::endl;
+		std::clog << "git-crypt: this file may be unencrypted in the repository's history.  If this" << std::endl;
+		std::clog << "git-crypt: file contains sensitive information, you can use 'git filter-branch'" << std::endl;
+		std::clog << "git-crypt: to remove its old versions from the history." << std::endl;
 		std::cout.write(reinterpret_cast<char*>(header), std::cin.gcount()); // include the bytes which we already read
 		std::cout << std::cin.rdbuf();
 		return 0;