diff --git a/src/opnsense/mvc/app/library/OPNsense/Auth/TOTP.php b/src/opnsense/mvc/app/library/OPNsense/Auth/TOTP.php
index 6c27902af..eaac0b6a0 100644
--- a/src/opnsense/mvc/app/library/OPNsense/Auth/TOTP.php
+++ b/src/opnsense/mvc/app/library/OPNsense/Auth/TOTP.php
@@ -188,7 +188,7 @@ trait TOTP
         if (!empty($config['graceperiod'])) {
             $this->graceperiod = $config['graceperiod'];
         }
-        if (array_key_exists('passwordFirst', $config) && !empty($config['passwordFirst'])) {
+        if (!empty($config['passwordFirst'])) {
             $this->passwordFirst = true;
         }
     }
diff --git a/src/www/system_advanced_admin.php b/src/www/system_advanced_admin.php
index 82101bf13..127a7fe13 100644
--- a/src/www/system_advanced_admin.php
+++ b/src/www/system_advanced_admin.php
@@ -540,6 +540,15 @@ $(document).ready(function() {
                   </div>
                 </td>
               </tr>
+              <tr>
+                <td><a id="help_for_session_timeout" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?= gettext('Session Timeout') ?></td>
+                <td>
+                  <input class="form-control" name="session_timeout" id="session_timeout" type="text" placeholder="240" value="<?=$pconfig['session_timeout'];?>" />
+                  <div class="hidden" data-for="help_for_session_timeout">
+                    <?= gettext('Time in minutes to expire idle management sessions. The default is 4 hours (240 minutes).') ?>
+                  </div>
+                </td>
+              </tr>
               <tr>
                 <td><a id="help_for_nodnsrebindcheck" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("DNS Rebind Check"); ?></td>
                 <td>
@@ -771,26 +780,6 @@ $(document).ready(function() {
                   <?=gettext("Password protect the console menu"); ?>
                 </td>
               </tr>
-              <tr>
-                <td><a id="help_for_disableintegratedauth" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?= gettext("Integrated authentication") ?></td>
-                <td style="width:78%">
-                  <input name="disableintegratedauth" type="checkbox" value="yes" <?= empty($pconfig['disableintegratedauth']) ? '' : 'checked="checked"' ?>  />
-                  <?=gettext("Disable integrated authentication"); ?>
-                  <div class="hidden" data-for="help_for_disableintegratedauth">
-                      <?=gettext('Login, SSH, and other system services may only use standard UNIX user/password authentication.');?>
-                  </div>
-                </td>
-              </tr>
-              <tr>
-                <td><i class="fa fa-info-circle text-muted"></i> <?= gettext("Sudo usage") ?></td>
-                <td style="width:78%">
-                  <select name="sudo_allow_wheel" id="sudo_allow_wheel" class="selectpicker">
-                    <option value="" <?= empty($pconfig['sudo_allow_wheel']) ? 'selected="selected"' : '' ?>><?= gettext('Disallow') ?></option>
-                    <option value="1" <?= $pconfig['sudo_allow_wheel'] == 1 ? 'selected="selected"' : '' ?>><?= gettext('Ask password') ?></option>
-                    <option value="2" <?= $pconfig['sudo_allow_wheel'] == 2 ? 'selected="selected"' : '' ?>><?= gettext('No password') ?></option>
-                  </select>
-                </td>
-              </tr>
             </table>
           </div>
           <div class="content-box tab-content table-responsive __mb">
@@ -805,7 +794,7 @@ $(document).ready(function() {
                   <select name="authmode[]" multiple="multiple" class="selectpicker" data-style="btn-default">
 <?php
                   foreach ($a_authmode as $auth_key => $auth_server): ?>
-                    <option value="<?= html_safe($auth_key) ?>" <?= in_array($auth_key, $pconfig['authmode']) ? 'selected="selected"' : '' ?>>
+                    <option value="<?= html_safe($auth_key) ?>" <?= !empty($pconfig['authmode']) && in_array($auth_key, $pconfig['authmode']) ? 'selected="selected"' : '' ?>>
                       <?= html_safe($auth_server['name']) ?>
                     </option>
 <?php
@@ -819,11 +808,25 @@ $(document).ready(function() {
                 </td>
               </tr>
               <tr>
-                <td><a id="help_for_session_timeout" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?= gettext('Timeout') ?></td>
+                <td><a id="help_for_sudo_allow_wheel" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?= gettext('Sudo') ?></td>
+                <td style="width:78%">
+                  <select name="sudo_allow_wheel" id="sudo_allow_wheel" class="selectpicker">
+                    <option value="" <?= empty($pconfig['sudo_allow_wheel']) ? 'selected="selected"' : '' ?>><?= gettext('Disallow') ?></option>
+                    <option value="1" <?= $pconfig['sudo_allow_wheel'] == 1 ? 'selected="selected"' : '' ?>><?= gettext('Ask password') ?></option>
+                    <option value="2" <?= $pconfig['sudo_allow_wheel'] == 2 ? 'selected="selected"' : '' ?>><?= gettext('No password') ?></option>
+                  </select>
+                  <div class="hidden" data-for="help_for_sudo_allow_wheel">
+                    <?= gettext('Permit sudo usage for administrators with shell access.') ?>
+                  </div>
+                </td>
+              </tr>
+              <tr>
+                <td><a id="help_for_disableintegratedauth" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?= gettext('System') ?></td>
                 <td>
-                  <input class="form-control" name="session_timeout" id="session_timeout" type="text" placeholder="240" value="<?=$pconfig['session_timeout'];?>" />
-                  <div class="hidden" data-for="help_for_session_timeout">
-                    <?= gettext('Time in minutes to expire idle management sessions. The default is 4 hours (240 minutes).') ?>
+                  <input name="disableintegratedauth" type="checkbox" value="yes" <?= empty($pconfig['disableintegratedauth']) ? '' : 'checked="checked"' ?>  />
+                  <?=gettext("Disable integrated authentication"); ?>
+                  <div class="hidden" data-for="help_for_disableintegratedauth">
+                    <?= gettext('When set, console login, SSH, and other system services can only use standard UNIX account authentication.') ?>
                   </div>
                 </td>
               </tr>
diff --git a/src/www/system_authservers.php b/src/www/system_authservers.php
index 59ae0b300..b5b2e0c0f 100644
--- a/src/www/system_authservers.php
+++ b/src/www/system_authservers.php
@@ -37,9 +37,8 @@ $authCNFOptions = $authFactory->listConfigOptions();
 config_read_array('system', 'authserver');
 config_read_array('ca');
 
-$a_servers = auth_get_authserver_list();
 $a_server = array();
-foreach ($a_servers as $servers) {
+foreach (auth_get_authserver_list() as $servers) {
     $a_server[] = $servers;
 }
 
@@ -411,7 +410,7 @@ $( document ).ready(function() {
             });
         } else {
             $.post('system_usermanager_settings_ldapacpicker.php', request_data, function(data) {
-                var tbl  = $("<table/>");
+                var tbl = $("<table/>");
                 var tbl_body = $("<tbody/>");
                 for (var i=0; i < data.length ; ++i) {
                     var tr = $("<tr/>");
@@ -431,7 +430,6 @@ $( document ).ready(function() {
                   buttons: [{
                             label: "<?= gettext("Close");?>",
                             action: function(dialogRef) {
-
                                 var values = $(".ldap_item_select:checked").map(function(){
                                     return $(this).val();
                                 }).get().join(';');
@@ -465,7 +463,7 @@ $( document ).ready(function() {
                   <td style="width:22%"></td>
                   <td style="width:78%; text-align:right">
                     <small><?=gettext("full help"); ?> </small>
-                    <i class="fa fa-toggle-off text-danger"  style="cursor: pointer;" id="show_all_help_page"></i>
+                    <i class="fa fa-toggle-off text-danger" style="cursor: pointer;" id="show_all_help_page"></i>
                   </td>
                 </tr>
                 <tr>
@@ -586,10 +584,10 @@ endif; ?>
                   <td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Search scope");?></td>
                   <td>
                     <select name="ldap_scope" id="ldap_scope" class="selectpicker" data-style="btn-default">
-                      <option value="one" <?=$pconfig['ldap_scope'] == 'one' ?  "selected=\"selected\"" : "";?>>
+                      <option value="one" <?=$pconfig['ldap_scope'] == 'one' ? "selected=\"selected\"" : "";?>>
                         <?=gettext('One Level');?>
                       </option>
-                      <option value="subtree" <?=$pconfig['ldap_scope'] == 'subtree' ?  "selected=\"selected\"" : "";?>>
+                      <option value="subtree" <?=$pconfig['ldap_scope'] == 'subtree' ? "selected=\"selected\"" : "";?>>
                         <?=gettext('Entire Subtree');?>
                       </option>
                     </select>
@@ -776,22 +774,20 @@ else :
               </thead>
               <tbody>
 <?php
-$i = 0;
-              foreach ($a_server as $server) :
-?>
+              $i = 0;
+              foreach ($a_server as $server): ?>
                 <tr>
-                  <td><?=$server['name']?></td>
-                  <td><?= !empty($authCNFOptions[$server['type']]) ? $authCNFOptions[$server['type']]['description'] : '' ?></td>
-                  <td><?=$server['host'];?></td>
+                  <td><?= $server['name'] ?></td>
+                  <td><?= !empty($authCNFOptions[$server['type']]) ? $authCNFOptions[$server['type']]['description'] : $server['name'] ?></td>
+                  <td><?= !empty($server['host']) ? $server['host'] : $config['system']['hostname'] ?></td>
                   <td>
                     <?php if ($i < (count($a_server) - 1)) :
 ?>
-                    <a href="system_authservers.php?act=edit&amp;id=<?=$i;?>" class="btn btn-default btn-xs">
-                      <span class="glyphicon glyphicon-pencil"></span>
+                    <a href="system_authservers.php?act=edit&amp;id=<?=$i;?>" title="<?= html_safe(gettext('Edit')) ?>" data-toggle="tooltip" class="btn btn-default btn-xs">
+                      <i class="fa fa-pencil text-muted"></i>
                     </a>
-                    &nbsp;
-                    <a id="del_<?=$i;?>" title="<?=gettext("delete this server"); ?>" data-toggle="tooltip"  class="act_delete btn btn-default btn-xs">
-                      <span class="fa fa-trash text-muted"></span>
+                    <a id="del_<?=$i;?>" title="<?= html_safe(gettext('Delete')) ?>" data-toggle="tooltip" class="act_delete btn btn-default btn-xs">
+                      <i class="fa fa-trash text-muted"></i>
                     </a>
                   </td>
 <?php
@@ -800,11 +796,6 @@ endif; ?>
 <?php
                 $i++;
               endforeach;?>
-                <tr>
-                  <td colspan="4">
-                    <?=gettext("Additional authentication servers can be added here.");?>
-                  </td>
-                </tr>
               </tbody>
             </table>
           </form>

@@ -776,22 +774,20 @@ else :
- - + + - - " data-toggle="tooltip" class="act_delete btn btn-default btn-xs"> - + +