diff --git a/CHANGES/5529.bugfix b/CHANGES/5529.bugfix
new file mode 100644
index 00000000000..f4321210fb7
--- /dev/null
+++ b/CHANGES/5529.bugfix
@@ -0,0 +1 @@
+Added a note about the default value of the `SECRET_KEY` setting.
diff --git a/pulpcore/app/checks.py b/pulpcore/app/checks.py
index 0cd4a0478b0..b6d27d668d8 100644
--- a/pulpcore/app/checks.py
+++ b/pulpcore/app/checks.py
@@ -19,6 +19,21 @@ def content_origin_check(app_configs, **kwargs):
 return messages
 
 
+@register(deploy=True)
+def secret_key_check(app_configs, **kwargs):
+ messages = []
+ if getattr(settings, "SECRET_KEY", "SECRET") == "SECRET":
+ messages.append(
+ CheckError(
+ "SECRET_KEY is a required setting but it was not configured. It does not "
+ "come pre-configured by the installation and it should be set to a unique, "
+ "unpredictable value."
+ id="pulpcore.E001",
+ )
+ )
+ return messages
+
+
 @register(deploy=True)
 def storage_paths(app_configs, **kwargs):
 warnings = []
diff --git a/pulpcore/app/settings.py b/pulpcore/app/settings.py
index 6ba98056e4b..7b1e12df354 100644
--- a/pulpcore/app/settings.py
+++ b/pulpcore/app/settings.py
@@ -61,7 +61,8 @@
 # List of upload handler classes to be applied in order.
 FILE_UPLOAD_HANDLERS = ("pulpcore.app.files.HashingFileUploadHandler",)
 
-SECRET_KEY = True
+# SECURITY WARNING: this should be set to a unique, unpredictable value
+SECRET_KEY = "SECRET"
 
 # Key used to encrypt fields in the database
 DB_ENCRYPTION_KEY = "/etc/pulp/certs/database_fields.symmetric.key"
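Review bot: In `secret_key_check`, the last message fragment `"unpredictable value."` is followed directly by `id="pulpcore.E001",` with no comma between them, so as shown the `CheckError(...)` call does not parse and `checks.py` would fail to import; the line should read `"unpredictable value.",`. The guard also matches only the exact placeholder string, so a non-string value such as the previous default `True` passes unnoticed; `key = getattr(settings, "SECRET_KEY", "SECRET")` followed by `if not isinstance(key, str) or key == "SECRET":` would cover that. Because the check is registered with `deploy=True`, Django runs it only under `check --deploy`, so unless Pulp's startup path invokes the deployment checks (not visible in this hunk) a normal start will not report the placeholder key. A one-line docstring saying that the check rejects the shipped placeholder would help the next reader.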
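Review bot: The new default `SECRET_KEY = "SECRET"` is a non-empty, publicly known constant, so Django's built-in refusal to run with an empty key never triggers and an installation that does not run the deploy-time check would sign with a value anyone can read from the source. Failing closed would be safer: leave the setting unset or empty so that Django raises `ImproperlyConfigured`, or refuse to start while the value still equals the placeholder. If the placeholder has to stay, the comment should say so explicitly, for example `# SECURITY WARNING: placeholder only; must be overridden with a unique, unpredictable value before deployment`.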