diff --git a/Setting-up-Authentication.md b/Setting-up-Authentication.md
index 1f6046c..b66d2e2 100644
--- a/Setting-up-Authentication.md
+++ b/Setting-up-Authentication.md
@@ -27,15 +27,12 @@ Use these three options to set up your desired permissions for non-admin guest u
 
 ## Admin Web UI Authentication Methods
 
-> [!WARNING]
-> Make sure you've **set up your [Web UI permissions](https://github.com/ArchiveBox/ArchiveBox/wiki/Configuration#public_index--public_snapshots--public_add_view) first above** to restrict public access.  
-> Configuring advanced auth methods below is pointless if your Web UI permissions allow unrestricted access to guests!
 
 <br/>
 
 ### Username & Password (the default)
 
-You need an admin account to access the Web UI, you can run the commands below to create/edit a user from the CLI:
+You need a user account to access the Admin UI, you can run the commands below to create/edit a user from the CLI:
 
 ```bash
 archivebox manage createsuperuser
@@ -53,6 +50,12 @@ and you can change your password in the UI here: `http://127.0.0.1:8000/admin/pa
 
 <br/>
 
+> [!WARNING]
+> Make sure you've **set up your [Web UI permissions](https://github.com/ArchiveBox/ArchiveBox/wiki/Configuration#public_index--public_snapshots--public_add_view) first above** to restrict public access.  
+> Configuring advanced auth methods below is pointless if your Web UI permissions allow unrestricted access to guests!
+
+<br/>
+
 ### Reverse Proxy Authentication
 
 > Can be used with a reverse proxy auth provider like [oauth2-proxy](https://github.com/oauth2-proxy/oauth2-proxy), [Cloudflare Zero Trust](https://developers.cloudflare.com/cloudflare-one/tutorials/access-workers/#create-a-worker-with-custom-headers), [Authentik](https://docs.goauthentik.io/docs/providers/proxy/), and others.