Moved part from 2FA intro to HowTo as section 6, updated the image, seemed to be outdated (#217)

source/manual/how-tos/two_factor.rst

@@ -124,8 +124,22 @@ Hit the test button and if all goes well you should see *successfully authentica
 .. image:: images/system_access_tester.png
    :width: 100%
 
+---------------------------------------------------
+Step 6 - Enable authentication server
+---------------------------------------------------
+Per default the system validates user credentials against the "Local Database".
+In :menuselection:`System --> Settings --> Administration`, section **Authentication** you should
+change this to your newly added authentication server to make sure no local user can gain access
+without 2FA.
+
+**Note: Make sure you've tested your token!**
+
+.. image:: images/auth_server.png
+   :width: 100%
+
+
 ------------------------
-Step 6 - Using the token
+Step 7 - Using the token
 ------------------------
 To use the token in any application/service that you have configured, just open
 the Google Authenticator and add the created token/key **before** your regular password.

source/manual/two_factor.rst

@@ -19,17 +19,6 @@ Supported services are:
 * Caching Proxy
 
 
---------------------------
-GUI Fallback Configuration
---------------------------
-To prevent GUI lockout due to unavailable remote authentication server, the system
-has a default fallback to the local database. In case of 2FA for the GUI one needs
-to disable the fallback option to make sure no local user can gain access without 2FA.
-
-.. image:: images/auth_server_fallback.png
-   :width: 100%
-
-
 ----------------------------
 Time-based One-time Password
 ----------------------------