diff --git a/locale/de/LC_MESSAGES/django.mo b/locale/de/LC_MESSAGES/django.mo
index 5362d0f..9de482f 100644
Binary files a/locale/de/LC_MESSAGES/django.mo and b/locale/de/LC_MESSAGES/django.mo differ
diff --git a/locale/de/LC_MESSAGES/django.po b/locale/de/LC_MESSAGES/django.po
index 3a7ef16..fbbbf6e 100644
--- a/locale/de/LC_MESSAGES/django.po
+++ b/locale/de/LC_MESSAGES/django.po
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2026-03-13 20:41-0300\n"
+"POT-Creation-Date: 2026-03-14 08:47-0300\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -68,8 +68,8 @@ msgstr ""
 #: app_gateway/forms.py:129 app_gateway/forms.py:147 app_gateway/forms.py:195
 #: app_gateway/forms.py:236 cluster/forms.py:67 cluster/forms.py:124
 #: dns/forms.py:37 dns/forms.py:84 dns/forms.py:153 gatekeeper/forms.py:41
-#: gatekeeper/forms.py:75 gatekeeper/forms.py:137 gatekeeper/forms.py:224
-#: gatekeeper/forms.py:254 gatekeeper/forms.py:285
+#: gatekeeper/forms.py:75 gatekeeper/forms.py:139 gatekeeper/forms.py:226
+#: gatekeeper/forms.py:256 gatekeeper/forms.py:287
 #: routing_templates/forms.py:71 scheduler/forms.py:102
 #: templates/firewall/manage_firewall_rule.html:379
 #: templates/firewall/manage_firewall_settings.html:59
@@ -134,9 +134,9 @@ msgstr "Aktiviert"
 #: app_gateway/views.py:399 cluster/views.py:18 cluster/views.py:45
 #: cluster/views.py:114 gatekeeper/views.py:23 gatekeeper/views.py:48
 #: gatekeeper/views.py:78 gatekeeper/views.py:101 gatekeeper/views.py:131
-#: gatekeeper/views.py:154 gatekeeper/views.py:198 gatekeeper/views.py:257
-#: gatekeeper/views.py:287 gatekeeper/views.py:310 gatekeeper/views.py:340
-#: gatekeeper/views.py:363 gatekeeper/views.py:412
+#: gatekeeper/views.py:154 gatekeeper/views.py:202 gatekeeper/views.py:261
+#: gatekeeper/views.py:291 gatekeeper/views.py:314 gatekeeper/views.py:344
+#: gatekeeper/views.py:367 gatekeeper/views.py:416
 #: templates/access_denied.html:9
 msgid "Access Denied"
 msgstr "Zugriff verweigert"
@@ -219,8 +219,8 @@ msgstr "Upstream"
 
 #: app_gateway/forms.py:41 app_gateway/forms.py:86 app_gateway/forms.py:130
 #: app_gateway/forms.py:148 app_gateway/forms.py:196 app_gateway/forms.py:237
-#: gatekeeper/forms.py:42 gatekeeper/forms.py:76 gatekeeper/forms.py:138
-#: gatekeeper/forms.py:225 gatekeeper/forms.py:255 gatekeeper/forms.py:286
+#: gatekeeper/forms.py:42 gatekeeper/forms.py:76 gatekeeper/forms.py:140
+#: gatekeeper/forms.py:227 gatekeeper/forms.py:257 gatekeeper/forms.py:288
 #: scheduler/forms.py:103
 #: templates/app_gateway/access_policy_type_select.html:50
 #: templates/generic_delete_confirmation.html:19
@@ -300,7 +300,7 @@ msgstr "Öffentlich"
 msgid "Protected"
 msgstr "Geschützt"
 
-#: app_gateway/models.py:45 gatekeeper/models.py:108
+#: app_gateway/models.py:45 gatekeeper/models.py:109
 #: templates/app_gateway/access_policy_type_select.html:41
 #: templates/gatekeeper/gatekeeper_list.html:272
 msgid "Deny"
@@ -594,7 +594,7 @@ msgstr ""
 msgid "IP Lock"
 msgstr "IP-Sperre"
 
-#: cluster/forms.py:21 dns/forms.py:67 gatekeeper/forms.py:196
+#: cluster/forms.py:21 dns/forms.py:67 gatekeeper/forms.py:198
 #: templates/cluster/workers_list.html:10
 #: templates/dns/static_host_list.html:18
 #: templates/firewall/manage_redirect_rule.html:43
@@ -877,7 +877,7 @@ msgstr "Statischer DNS"
 msgid "Invalid hostname."
 msgstr "Ungültiger Hostname."
 
-#: dns/forms.py:131 firewall/forms.py:111 gatekeeper/forms.py:199
+#: dns/forms.py:131 firewall/forms.py:111 gatekeeper/forms.py:201
 #: templates/api_v2/api_documentation.html:51
 #: templates/dns/static_host_list.html:69
 #: templates/firewall/manage_redirect_rule.html:18
@@ -1219,7 +1219,7 @@ msgstr "Firewall‑Einstellungen erfolgreich gespeichert"
 msgid "Username"
 msgstr "Benutzername"
 
-#: gatekeeper/forms.py:18 gatekeeper/forms.py:269
+#: gatekeeper/forms.py:18 gatekeeper/forms.py:271
 #: templates/gatekeeper/gatekeeper_list.html:62
 #: templates/gatekeeper/gatekeeper_list.html:204
 #: templates/wireguard/peer_list/peer_preview_modal.html:103
@@ -1265,85 +1265,89 @@ msgid "Global TOTP Secret"
 msgstr "Globales TOTP-Geheimnis"
 
 #: gatekeeper/forms.py:102
+msgid "Global TOTP Before Authentication"
+msgstr "Globales TOTP vor der Authentifizierung"
+
+#: gatekeeper/forms.py:103
 msgid "OIDC Provider URL"
 msgstr "OIDC-Anbieter-URL"
 
-#: gatekeeper/forms.py:103
+#: gatekeeper/forms.py:104
 msgid "OIDC Client ID"
 msgstr "OIDC-Client-ID"
 
-#: gatekeeper/forms.py:104
+#: gatekeeper/forms.py:105
 msgid "OIDC Client Secret"
 msgstr "OIDC-Client-Geheimnis"
 
-#: gatekeeper/forms.py:155
+#: gatekeeper/forms.py:157
 msgid "TOTP secret must be empty for Local Password authentication."
 msgstr ""
 "Das TOTP-Geheimnis muss für die Authentifizierung mit lokalem Passwort leer "
 "sein."
 
-#: gatekeeper/forms.py:157
+#: gatekeeper/forms.py:159
 msgid "TOTP validation PIN must be empty for Local Password authentication."
 msgstr ""
 "Die TOTP-Validierungs-PIN muss für die Authentifizierung mit lokalem "
 "Passwort leer sein."
 
-#: gatekeeper/forms.py:159
+#: gatekeeper/forms.py:161
 msgid "OIDC fields must be empty for Local Password authentication."
 msgstr ""
 "OIDC-Felder müssen für die Authentifizierung mit lokalem Passwort leer sein."
 
-#: gatekeeper/forms.py:165
+#: gatekeeper/forms.py:167
 msgid "Only one Local Password authentication method can be configured."
 msgstr ""
 "Es kann nur eine Authentifizierungsmethode mit lokalem Passwort konfiguriert "
 "werden."
 
-#: gatekeeper/forms.py:168
+#: gatekeeper/forms.py:170
 msgid "OIDC fields must be empty for TOTP authentication."
 msgstr "OIDC-Felder müssen für die TOTP-Authentifizierung leer sein."
 
-#: gatekeeper/forms.py:170
+#: gatekeeper/forms.py:172
 msgid "TOTP secret is required for TOTP authentication."
 msgstr "Das TOTP-Geheimnis ist für die TOTP-Authentifizierung erforderlich."
 
-#: gatekeeper/forms.py:174
+#: gatekeeper/forms.py:176
 msgid "Please provide a PIN to validate the TOTP secret."
 msgstr "Bitte geben Sie eine PIN an, um das TOTP-Geheimnis zu validieren."
 
-#: gatekeeper/forms.py:179
+#: gatekeeper/forms.py:181
 msgid "Invalid TOTP PIN."
 msgstr "Ungültige TOTP-PIN."
 
-#: gatekeeper/forms.py:181
+#: gatekeeper/forms.py:183
 msgid "Invalid TOTP secret format. Must be a valid Base32 string."
 msgstr ""
 "Ungültiges TOTP-Geheimnisformat. Muss eine gültige Base32-Zeichenfolge sein."
 
-#: gatekeeper/forms.py:184
+#: gatekeeper/forms.py:186
 msgid "TOTP secret must be empty for OIDC authentication."
 msgstr "Das TOTP-Geheimnis muss für die OIDC-Authentifizierung leer sein."
 
-#: gatekeeper/forms.py:186
+#: gatekeeper/forms.py:188
 msgid "TOTP validation PIN must be empty for OIDC authentication."
 msgstr ""
 "Die TOTP-Validierungs-PIN muss für die OIDC-Authentifizierung leer sein."
 
-#: gatekeeper/forms.py:195 gatekeeper/forms.py:237 gatekeeper/forms.py:268
+#: gatekeeper/forms.py:197 gatekeeper/forms.py:239 gatekeeper/forms.py:270
 msgid "Authentication Method"
 msgstr "Authentifizierungsmethode"
 
-#: gatekeeper/forms.py:197 templates/gatekeeper/gatekeeper_list.html:257
+#: gatekeeper/forms.py:199 templates/gatekeeper/gatekeeper_list.html:257
 msgid "Prefix Length"
 msgstr "Präfixlänge"
 
-#: gatekeeper/forms.py:198 templates/firewall/firewall_rule_list.html:47
+#: gatekeeper/forms.py:200 templates/firewall/firewall_rule_list.html:47
 #: templates/firewall/manage_firewall_rule.html:360
 #: templates/gatekeeper/gatekeeper_list.html:258
 msgid "Action"
 msgstr "Aktion"
 
-#: gatekeeper/forms.py:238 templates/gatekeeper/gatekeeper_list.html:221
+#: gatekeeper/forms.py:240 templates/gatekeeper/gatekeeper_list.html:221
 msgid "Domain"
 msgstr "Domäne"
 
@@ -1367,16 +1371,16 @@ msgstr "IP-Adressliste"
 msgid "Shared/global TOTP secret key"
 msgstr "Gemeinsamer/globaler TOTP-Geheimschlüssel"
 
-#: gatekeeper/models.py:68
+#: gatekeeper/models.py:69
 msgid "Password for local authentication (leave blank if not using)"
 msgstr ""
 "Passwort für die lokale Authentifizierung (leer lassen, wenn nicht verwendet)"
 
-#: gatekeeper/models.py:69
+#: gatekeeper/models.py:70
 msgid "Per-user TOTP secret key"
 msgstr "Benutzerspezifischer TOTP-Geheimschlüssel"
 
-#: gatekeeper/models.py:108 templates/gatekeeper/gatekeeper_list.html:270
+#: gatekeeper/models.py:109 templates/gatekeeper/gatekeeper_list.html:270
 msgid "Allow"
 msgstr "Zulassen"
 
@@ -1446,121 +1450,130 @@ msgstr "Authentifizierungsmethode erfolgreich gespeichert."
 #: gatekeeper/views.py:175
 msgid ""
 "\n"
-"        <h5>Authentication Types</h5>\n"
+"        <h4>Authentication Types</h4>\n"
 "        <p>Select how users will authenticate through this method.</p>\n"
-"        <ul>\n"
-"            <li><strong>Local Password</strong>: Users will authenticate "
-"using a standard username and password stored locally. Only one of this type "
-"can be created.</li>\n"
-"            <li><strong>TOTP (Time-Based One-Time Password)</strong>: Users "
-"will need to enter a rotating token from an authenticator app. Requires "
-"setting a Global TOTP Secret.</li>\n"
-"            <li><strong>OIDC (OpenID Connect)</strong>: Users will "
-"authenticate via an external identity provider (like Keycloak, Google, or "
-"Authelia). Requires Provider URL, Client ID, and Client Secret.</li>\n"
-"        </ul>\n"
+"        \n"
+"        <h5>Local Password</h5>\n"
+"        <p>Users will authenticate using a standard username and password "
+"stored locally. Only one of this type can be created.</p>\n"
+"        \n"
+"        <h5>OIDC (OpenID Connect)</h5>\n"
+"        <p>Users will authenticate via an external identity provider (like "
+"Keycloak, Google, or Authelia). Requires Provider URL, Client ID, and Client "
+"Secret.</p>\n"
+"        \n"
+"        <h5>TOTP (Time-Based One-Time Password)</h5>\n"
+"        <p>Users will need to enter a rotating token from an authenticator "
+"app. Requires setting a Global TOTP Secret. <br>If <strong>Global TOTP "
+"Before Authentication</strong> is enabled, the PIN is required before the "
+"username and password to help combat bruteforce attacks.</p>\n"
 "        "
 msgstr ""
 "\n"
-"        <h5>Authentifizierungstypen</h5>\n"
+"        <h4>Authentifizierungstypen</h4>\n"
 "        <p>Wählen Sie aus, wie sich Benutzer über diese Methode "
 "authentifizieren.</p>\n"
-"        <ul>\n"
-"            <li><strong>Lokales Passwort</strong>: Benutzer authentifizieren "
-"sich mit einem lokal gespeicherten Standard-Benutzernamen und Passwort. Es "
-"kann nur einer dieser Typen erstellt werden.</li>\n"
-"            <li><strong>TOTP (Time-Based One-Time Password)</strong>: "
-"Benutzer müssen ein rotierendes Token aus einer Authenticator-App eingeben. "
-"Erfordert die Festlegung eines globalen TOTP-Geheimnisses.</li>\n"
-"            <li><strong>OIDC (OpenID Connect)</strong>: Benutzer "
-"authentifizieren sich über einen externen Identitätsanbieter (wie Keycloak, "
-"Google oder Authelia). Erfordert Anbieter-URL, Client-ID und Client-"
-"Geheimnis.</li>\n"
-"        </ul>\n"
+"        \n"
+"        <h5>Lokales Passwort</h5>\n"
+"        <p>Benutzer authentifizieren sich mit einem lokal gespeicherten "
+"Standard-Benutzernamen und Passwort. Es kann nur einer dieser Typen "
+"erstellt werden.</p>\n"
+"        \n"
+"        <h5>OIDC (OpenID Connect)</h5>\n"
+"        <p>Benutzer authentifizieren sich über einen externen "
+"Identitätsanbieter (wie Keycloak, Google oder Authelia). Erfordert Anbieter-"
+"URL, Client-ID und Client-Geheimnis.</p>\n"
+"        \n"
+"        <h5>TOTP (Zeitbasiertes Einmalpasswort)</h5>\n"
+"        <p>Benutzer müssen ein rotierendes Token aus einer Authenticator-App "
+"eingeben. Erfordert die Festlegung eines globalen TOTP-Geheimnisses. <br>Wenn "
+"<strong>Globales TOTP vor der Authentifizierung</strong> aktiviert ist, wird "
+"die PIN vor dem Benutzernamen und dem Passwort benötigt, um Brute-Force-"
+"Angriffe zu bekämpfen.</p>\n"
 "        "
 
-#: gatekeeper/views.py:206
+#: gatekeeper/views.py:210
 msgid "Authentication Method deleted successfully."
 msgstr "Authentifizierungsmethode erfolgreich gelöscht."
 
-#: gatekeeper/views.py:211
+#: gatekeeper/views.py:215
 msgid "Delete Authentication Method"
 msgstr "Authentifizierungsmethode löschen"
 
-#: gatekeeper/views.py:213
+#: gatekeeper/views.py:217
 #, python-format
 msgid "Are you sure you want to delete the authentication method \"%(name)s\"?"
 msgstr ""
 "Sind Sie sicher, dass Sie die Authentifizierungsmethode \"%(name)s\" löschen "
 "möchten?"
 
-#: gatekeeper/views.py:263
+#: gatekeeper/views.py:267
 msgid "Edit Allowed Domain"
 msgstr "Zulässige Domäne bearbeiten"
 
-#: gatekeeper/views.py:266 templates/gatekeeper/gatekeeper_list.html:186
+#: gatekeeper/views.py:270 templates/gatekeeper/gatekeeper_list.html:186
 msgid "Add Allowed Domain"
 msgstr "Zulässige Domäne hinzufügen"
 
-#: gatekeeper/views.py:273
+#: gatekeeper/views.py:277
 msgid "Allowed Domain saved successfully."
 msgstr "Zulässige Domäne erfolgreich gespeichert."
 
-#: gatekeeper/views.py:295
+#: gatekeeper/views.py:299
 msgid "Allowed Domain deleted successfully."
 msgstr "Zulässige Domäne erfolgreich gelöscht."
 
-#: gatekeeper/views.py:300
+#: gatekeeper/views.py:304
 msgid "Delete Allowed Domain"
 msgstr "Zulässige Domäne löschen"
 
-#: gatekeeper/views.py:302
+#: gatekeeper/views.py:306
 #, python-format
 msgid "Are you sure you want to delete the allowed domain \"%(domain)s\"?"
 msgstr ""
 "Sind Sie sicher, dass Sie die zulässige Domäne \"%(domain)s\" löschen "
 "möchten?"
 
-#: gatekeeper/views.py:316
+#: gatekeeper/views.py:320
 msgid "Edit Allowed Email"
 msgstr "Zulässige E-Mail bearbeiten"
 
-#: gatekeeper/views.py:319 templates/gatekeeper/gatekeeper_list.html:183
+#: gatekeeper/views.py:323 templates/gatekeeper/gatekeeper_list.html:183
 msgid "Add Allowed Email"
 msgstr "Zulässige E-Mail hinzufügen"
 
-#: gatekeeper/views.py:326
+#: gatekeeper/views.py:330
 msgid "Allowed Email saved successfully."
 msgstr "Zulässige E-Mail erfolgreich gespeichert."
 
-#: gatekeeper/views.py:348
+#: gatekeeper/views.py:352
 msgid "Allowed Email deleted successfully."
 msgstr "Zulässige E-Mail erfolgreich gelöscht."
 
-#: gatekeeper/views.py:353
+#: gatekeeper/views.py:357
 msgid "Delete Allowed Email"
 msgstr "Zulässige E-Mail löschen"
 
-#: gatekeeper/views.py:355
+#: gatekeeper/views.py:359
 #, python-format
 msgid "Are you sure you want to delete the allowed email \"%(email)s\"?"
 msgstr ""
 "Sind Sie sicher, dass Sie die zulässige E-Mail \"%(email)s\" löschen möchten?"
 
-#: gatekeeper/views.py:369
+#: gatekeeper/views.py:373
 msgid "Edit IP Address"
 msgstr "IP-Adresse bearbeiten"
 
-#: gatekeeper/views.py:372 templates/gatekeeper/gatekeeper_list.html:247
+#: gatekeeper/views.py:376 templates/gatekeeper/gatekeeper_list.html:247
 #: templates/wireguard/wireguard_manage_peer.html:171
 msgid "Add IP Address"
 msgstr "IP‑Adresse hinzufügen"
 
-#: gatekeeper/views.py:379
+#: gatekeeper/views.py:383
 msgid "IP Address saved successfully."
 msgstr "IP-Adresse erfolgreich gespeichert."
 
-#: gatekeeper/views.py:384
+#: gatekeeper/views.py:388
 msgid ""
 "\n"
 "        <h5>IP Address List</h5>\n"
@@ -1607,15 +1620,15 @@ msgstr ""
 "„Büronetzwerk“, „Blockierter Angreifer“).</p>\n"
 "        "
 
-#: gatekeeper/views.py:420
+#: gatekeeper/views.py:424
 msgid "IP Address deleted successfully."
 msgstr "IP-Adresse erfolgreich gelöscht."
 
-#: gatekeeper/views.py:425
+#: gatekeeper/views.py:429
 msgid "Delete IP Address"
 msgstr "IP-Adresse löschen"
 
-#: gatekeeper/views.py:427
+#: gatekeeper/views.py:431
 #, python-format
 msgid "Are you sure you want to delete the IP address \"%(address)s\"?"
 msgstr ""
diff --git a/locale/es/LC_MESSAGES/django.mo b/locale/es/LC_MESSAGES/django.mo
index 5703901..29a3aff 100644
Binary files a/locale/es/LC_MESSAGES/django.mo and b/locale/es/LC_MESSAGES/django.mo differ
diff --git a/locale/es/LC_MESSAGES/django.po b/locale/es/LC_MESSAGES/django.po
index c5c70cd..5f67f4d 100644
--- a/locale/es/LC_MESSAGES/django.po
+++ b/locale/es/LC_MESSAGES/django.po
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2026-03-13 20:12-0300\n"
+"POT-Creation-Date: 2026-03-14 08:47-0300\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -68,8 +68,8 @@ msgstr ""
 #: app_gateway/forms.py:129 app_gateway/forms.py:147 app_gateway/forms.py:195
 #: app_gateway/forms.py:236 cluster/forms.py:67 cluster/forms.py:124
 #: dns/forms.py:37 dns/forms.py:84 dns/forms.py:153 gatekeeper/forms.py:41
-#: gatekeeper/forms.py:75 gatekeeper/forms.py:137 gatekeeper/forms.py:224
-#: gatekeeper/forms.py:254 gatekeeper/forms.py:285
+#: gatekeeper/forms.py:75 gatekeeper/forms.py:139 gatekeeper/forms.py:226
+#: gatekeeper/forms.py:256 gatekeeper/forms.py:287
 #: routing_templates/forms.py:71 scheduler/forms.py:102
 #: templates/firewall/manage_firewall_rule.html:379
 #: templates/firewall/manage_firewall_settings.html:59
@@ -134,9 +134,9 @@ msgstr "Habilitado"
 #: app_gateway/views.py:399 cluster/views.py:18 cluster/views.py:45
 #: cluster/views.py:114 gatekeeper/views.py:23 gatekeeper/views.py:48
 #: gatekeeper/views.py:78 gatekeeper/views.py:101 gatekeeper/views.py:131
-#: gatekeeper/views.py:154 gatekeeper/views.py:198 gatekeeper/views.py:257
-#: gatekeeper/views.py:287 gatekeeper/views.py:310 gatekeeper/views.py:340
-#: gatekeeper/views.py:363 gatekeeper/views.py:412
+#: gatekeeper/views.py:154 gatekeeper/views.py:202 gatekeeper/views.py:261
+#: gatekeeper/views.py:291 gatekeeper/views.py:314 gatekeeper/views.py:344
+#: gatekeeper/views.py:367 gatekeeper/views.py:416
 #: templates/access_denied.html:9
 msgid "Access Denied"
 msgstr "Acceso denegado"
@@ -218,8 +218,8 @@ msgstr "Upstream"
 
 #: app_gateway/forms.py:41 app_gateway/forms.py:86 app_gateway/forms.py:130
 #: app_gateway/forms.py:148 app_gateway/forms.py:196 app_gateway/forms.py:237
-#: gatekeeper/forms.py:42 gatekeeper/forms.py:76 gatekeeper/forms.py:138
-#: gatekeeper/forms.py:225 gatekeeper/forms.py:255 gatekeeper/forms.py:286
+#: gatekeeper/forms.py:42 gatekeeper/forms.py:76 gatekeeper/forms.py:140
+#: gatekeeper/forms.py:227 gatekeeper/forms.py:257 gatekeeper/forms.py:288
 #: scheduler/forms.py:103
 #: templates/app_gateway/access_policy_type_select.html:50
 #: templates/generic_delete_confirmation.html:19
@@ -258,7 +258,9 @@ msgstr "Métodos de autenticación"
 
 #: app_gateway/forms.py:170
 msgid "User groups can only be used with local user authentication."
-msgstr "Los grupos de usuarios solo se pueden utilizar con la autenticación de usuarios locales."
+msgstr ""
+"Los grupos de usuarios solo se pueden utilizar con la autenticación de "
+"usuarios locales."
 
 #: app_gateway/forms.py:180 templates/app_gateway/app_gateway_list.html:56
 #: templates/app_gateway/application_details.html:31
@@ -296,7 +298,7 @@ msgstr "Público"
 msgid "Protected"
 msgstr "Protegido"
 
-#: app_gateway/models.py:45 gatekeeper/models.py:108
+#: app_gateway/models.py:45 gatekeeper/models.py:109
 #: templates/app_gateway/access_policy_type_select.html:41
 #: templates/gatekeeper/gatekeeper_list.html:272
 msgid "Deny"
@@ -351,8 +353,8 @@ msgstr ""
 "            <li><strong>Nombre para mostrar</strong>: Un nombre amigable y "
 "legible para fines de visualización.</li>\n"
 "            <li><strong>Upstream</strong>: La URL de destino a la que se "
-"reenviarán las solicitudes (ej: <code>http://10.188.18.27:3000</code>). "
-"Debe comenzar con <code>http://</code> o <code>https://</code>.</li>\n"
+"reenviarán las solicitudes (ej: <code>http://10.188.18.27:3000</code>). Debe "
+"comenzar con <code>http://</code> o <code>https://</code>.</li>\n"
 "        </ul>\n"
 "        "
 
@@ -434,7 +436,8 @@ msgid ""
 msgstr ""
 "\n"
 "            <h5>Política de denegación</h5>\n"
-"            <p>Una política de denegación bloquea todo el acceso a las rutas coincidentes.</p>\n"
+"            <p>Una política de denegación bloquea todo el acceso a las rutas "
+"coincidentes.</p>\n"
 "            "
 
 #: app_gateway/views.py:240
@@ -455,10 +458,15 @@ msgid ""
 msgstr ""
 "\n"
 "            <h5>Política protegida</h5>\n"
-"            <p>Una política protegida requiere que los usuarios se autentiquen antes de acceder a la aplicación.</p>\n"
+"            <p>Una política protegida requiere que los usuarios se "
+"autentiquen antes de acceder a la aplicación.</p>\n"
 "            <ul>\n"
-"                <li><strong>Grupos permitidos</strong>: Limita el acceso a grupos de usuarios específicos. Nota: El uso de grupos requiere seleccionar un Método de autenticación de tipo \"Contraseña local\".</li>\n"
-"                <li><strong>Métodos de autenticación</strong>: Especifique qué métodos pueden utilizar los usuarios para autenticarse (por ejemplo, Contraseña local, TOTP, OIDC).</li>\n"
+"                <li><strong>Grupos permitidos</strong>: Limita el acceso a "
+"grupos de usuarios específicos. Nota: El uso de grupos requiere seleccionar "
+"un Método de autenticación de tipo \"Contraseña local\".</li>\n"
+"                <li><strong>Métodos de autenticación</strong>: Especifique "
+"qué métodos pueden utilizar los usuarios para autenticarse (por ejemplo, "
+"Contraseña local, TOTP, OIDC).</li>\n"
 "            </ul>\n"
 "            "
 
@@ -470,7 +478,9 @@ msgstr "Política de acceso eliminada correctamente."
 msgid ""
 "Cannot delete this Access Policy because it is currently in use by an "
 "Application Route or Application Default Policy."
-msgstr "No se puede eliminar esta política de acceso porque está actualmente en uso por una ruta de aplicación o una política predeterminada de aplicación."
+msgstr ""
+"No se puede eliminar esta política de acceso porque está actualmente en uso "
+"por una ruta de aplicación o una política predeterminada de aplicación."
 
 #: app_gateway/views.py:278
 msgid "Delete Access Policy"
@@ -577,7 +587,7 @@ msgstr "¿Está seguro de que desea eliminar la ruta \"%(name)s\" (%(path)s)?"
 msgid "IP Lock"
 msgstr "Bloqueo de IP"
 
-#: cluster/forms.py:21 dns/forms.py:67 gatekeeper/forms.py:196
+#: cluster/forms.py:21 dns/forms.py:67 gatekeeper/forms.py:198
 #: templates/cluster/workers_list.html:10
 #: templates/dns/static_host_list.html:18
 #: templates/firewall/manage_redirect_rule.html:43
@@ -860,7 +870,7 @@ msgstr "DNS estático"
 msgid "Invalid hostname."
 msgstr "Nombre de host inválido."
 
-#: dns/forms.py:131 firewall/forms.py:111 gatekeeper/forms.py:199
+#: dns/forms.py:131 firewall/forms.py:111 gatekeeper/forms.py:201
 #: templates/api_v2/api_documentation.html:51
 #: templates/dns/static_host_list.html:69
 #: templates/firewall/manage_redirect_rule.html:18
@@ -1199,7 +1209,7 @@ msgstr "Configuración de firewall guardada correctamente"
 msgid "Username"
 msgstr "Usuario"
 
-#: gatekeeper/forms.py:18 gatekeeper/forms.py:269
+#: gatekeeper/forms.py:18 gatekeeper/forms.py:271
 #: templates/gatekeeper/gatekeeper_list.html:62
 #: templates/gatekeeper/gatekeeper_list.html:204
 #: templates/wireguard/peer_list/peer_preview_modal.html:103
@@ -1245,82 +1255,86 @@ msgid "Global TOTP Secret"
 msgstr "Secreto TOTP global"
 
 #: gatekeeper/forms.py:102
+msgid "Global TOTP Before Authentication"
+msgstr "TOTP global antes de la autenticación"
+
+#: gatekeeper/forms.py:103
 msgid "OIDC Provider URL"
 msgstr "URL del proveedor OIDC"
 
-#: gatekeeper/forms.py:103
+#: gatekeeper/forms.py:104
 msgid "OIDC Client ID"
 msgstr "ID de cliente OIDC"
 
-#: gatekeeper/forms.py:104
+#: gatekeeper/forms.py:105
 msgid "OIDC Client Secret"
 msgstr "Secreto de cliente OIDC"
 
-#: gatekeeper/forms.py:155
+#: gatekeeper/forms.py:157
 msgid "TOTP secret must be empty for Local Password authentication."
 msgstr ""
 "El secreto TOTP debe estar vacío para la autenticación por contraseña local."
 
-#: gatekeeper/forms.py:157
+#: gatekeeper/forms.py:159
 msgid "TOTP validation PIN must be empty for Local Password authentication."
 msgstr ""
 "El PIN de validación TOTP debe estar vacío para la autenticación por "
 "contraseña local."
 
-#: gatekeeper/forms.py:159
+#: gatekeeper/forms.py:161
 msgid "OIDC fields must be empty for Local Password authentication."
 msgstr ""
 "Los campos OIDC deben estar vacíos para la autenticación por contraseña "
 "local."
 
-#: gatekeeper/forms.py:165
+#: gatekeeper/forms.py:167
 msgid "Only one Local Password authentication method can be configured."
 msgstr ""
 "Sólo se puede configurar un método de autenticación por contraseña local."
 
-#: gatekeeper/forms.py:168
+#: gatekeeper/forms.py:170
 msgid "OIDC fields must be empty for TOTP authentication."
 msgstr "Los campos OIDC deben estar vacíos para la autenticación TOTP."
 
-#: gatekeeper/forms.py:170
+#: gatekeeper/forms.py:172
 msgid "TOTP secret is required for TOTP authentication."
 msgstr "El secreto TOTP es obligatorio para la autenticación TOTP."
 
-#: gatekeeper/forms.py:174
+#: gatekeeper/forms.py:176
 msgid "Please provide a PIN to validate the TOTP secret."
 msgstr "Proporcione un PIN para validar el secreto TOTP."
 
-#: gatekeeper/forms.py:179
+#: gatekeeper/forms.py:181
 msgid "Invalid TOTP PIN."
 msgstr "PIN TOTP no válido."
 
-#: gatekeeper/forms.py:181
+#: gatekeeper/forms.py:183
 msgid "Invalid TOTP secret format. Must be a valid Base32 string."
 msgstr "Formato de secreto TOTP no válido. Debe ser una cadena Base32 válida."
 
-#: gatekeeper/forms.py:184
+#: gatekeeper/forms.py:186
 msgid "TOTP secret must be empty for OIDC authentication."
 msgstr "El secreto TOTP debe estar vacío para la autenticación OIDC."
 
-#: gatekeeper/forms.py:186
+#: gatekeeper/forms.py:188
 msgid "TOTP validation PIN must be empty for OIDC authentication."
 msgstr "El PIN de validación TOTP debe estar vacío para la autenticación OIDC."
 
-#: gatekeeper/forms.py:195 gatekeeper/forms.py:237 gatekeeper/forms.py:268
+#: gatekeeper/forms.py:197 gatekeeper/forms.py:239 gatekeeper/forms.py:270
 msgid "Authentication Method"
 msgstr "Método de autenticación"
 
-#: gatekeeper/forms.py:197 templates/gatekeeper/gatekeeper_list.html:257
+#: gatekeeper/forms.py:199 templates/gatekeeper/gatekeeper_list.html:257
 msgid "Prefix Length"
 msgstr "Longitud del prefijo"
 
-#: gatekeeper/forms.py:198 templates/firewall/firewall_rule_list.html:47
+#: gatekeeper/forms.py:200 templates/firewall/firewall_rule_list.html:47
 #: templates/firewall/manage_firewall_rule.html:360
 #: templates/gatekeeper/gatekeeper_list.html:258
 msgid "Action"
 msgstr "Acción"
 
-#: gatekeeper/forms.py:238 templates/gatekeeper/gatekeeper_list.html:221
+#: gatekeeper/forms.py:240 templates/gatekeeper/gatekeeper_list.html:221
 msgid "Domain"
 msgstr "Dominio"
 
@@ -1344,15 +1358,15 @@ msgstr "Lista de direcciones IP"
 msgid "Shared/global TOTP secret key"
 msgstr "Clave secreta TOTP compartida/global"
 
-#: gatekeeper/models.py:68
+#: gatekeeper/models.py:69
 msgid "Password for local authentication (leave blank if not using)"
 msgstr "Contraseña para autenticación local (dejar en blanco si no se usa)"
 
-#: gatekeeper/models.py:69
+#: gatekeeper/models.py:70
 msgid "Per-user TOTP secret key"
 msgstr "Clave secreta TOTP por usuario"
 
-#: gatekeeper/models.py:108 templates/gatekeeper/gatekeeper_list.html:270
+#: gatekeeper/models.py:109 templates/gatekeeper/gatekeeper_list.html:270
 msgid "Allow"
 msgstr "Permitir"
 
@@ -1421,121 +1435,129 @@ msgstr "Método de autenticación guardado correctamente."
 #: gatekeeper/views.py:175
 msgid ""
 "\n"
-"        <h5>Authentication Types</h5>\n"
+"        <h4>Authentication Types</h4>\n"
 "        <p>Select how users will authenticate through this method.</p>\n"
-"        <ul>\n"
-"            <li><strong>Local Password</strong>: Users will authenticate "
-"using a standard username and password stored locally. Only one of this type "
-"can be created.</li>\n"
-"            <li><strong>TOTP (Time-Based One-Time Password)</strong>: Users "
-"will need to enter a rotating token from an authenticator app. Requires "
-"setting a Global TOTP Secret.</li>\n"
-"            <li><strong>OIDC (OpenID Connect)</strong>: Users will "
-"authenticate via an external identity provider (like Keycloak, Google, or "
-"Authelia). Requires Provider URL, Client ID, and Client Secret.</li>\n"
-"        </ul>\n"
+"        \n"
+"        <h5>Local Password</h5>\n"
+"        <p>Users will authenticate using a standard username and password "
+"stored locally. Only one of this type can be created.</p>\n"
+"        \n"
+"        <h5>OIDC (OpenID Connect)</h5>\n"
+"        <p>Users will authenticate via an external identity provider (like "
+"Keycloak, Google, or Authelia). Requires Provider URL, Client ID, and Client "
+"Secret.</p>\n"
+"        \n"
+"        <h5>TOTP (Time-Based One-Time Password)</h5>\n"
+"        <p>Users will need to enter a rotating token from an authenticator "
+"app. Requires setting a Global TOTP Secret. <br>If <strong>Global TOTP "
+"Before Authentication</strong> is enabled, the PIN is required before the "
+"username and password to help combat bruteforce attacks.</p>\n"
 "        "
 msgstr ""
 "\n"
-"        <h5>Tipos de autenticación</h5>\n"
+"        <h4>Tipos de autenticación</h4>\n"
 "        <p>Seleccione cómo se autenticarán los usuarios a través de este "
 "método.</p>\n"
-"        <ul>\n"
-"            <li><strong>Contraseña local</strong>: los usuarios se "
-"autenticarán con un nombre de usuario y una contraseña estándar almacenados "
-"localmente. Solo se puede crear uno de este tipo.</li>\n"
-"            <li><strong>TOTP (Contraseña de un solo uso basada en el "
-"tiempo)</strong>: los usuarios deberán introducir un token rotativo de una "
-"aplicación de autenticación. Requiere configurar un secreto TOTP global.</"
-"li>\n"
-"            <li><strong>OIDC (OpenID Connect)</strong>: los usuarios se "
-"autenticarán a través de un proveedor de identidad externo (como Keycloak, "
-"Google o Authelia). Requiere la URL del proveedor, el ID de cliente y el "
-"secreto de cliente.</li>\n"
-"        </ul>\n"
+"        \n"
+"        <h5>Contraseña local</h5>\n"
+"        <p>Los usuarios se autenticarán con un nombre de usuario y una "
+"contraseña estándar almacenados localmente. Solo se puede crear uno de este "
+"tipo.</p>\n"
+"        \n"
+"        <h5>OIDC (OpenID Connect)</h5>\n"
+"        <p>Los usuarios se autenticarán a través de un proveedor de "
+"identidad externo (como Keycloak, Google o Authelia). Requiere la URL del "
+"proveedor, el ID de cliente y el secreto de cliente.</p>\n"
+"        \n"
+"        <h5>TOTP (Contraseña de un solo uso basada en el tiempo)</h5>\n"
+"        <p>Los usuarios deberán introducir un token rotativo de una "
+"aplicación de autenticación. Requiere configurar un secreto TOTP global. "
+"<br>Si <strong>TOTP global antes de la autenticación</strong> está "
+"habilitado, se requiere el PIN antes del nombre de usuario y la contraseña "
+"para ayudar a combatir los ataques de fuerza bruta.</p>\n"
 "        "
 
-#: gatekeeper/views.py:206
+#: gatekeeper/views.py:210
 msgid "Authentication Method deleted successfully."
 msgstr "Método de autenticación eliminado correctamente."
 
-#: gatekeeper/views.py:211
+#: gatekeeper/views.py:215
 msgid "Delete Authentication Method"
 msgstr "Eliminar método de autenticación"
 
-#: gatekeeper/views.py:213
+#: gatekeeper/views.py:217
 #, python-format
 msgid "Are you sure you want to delete the authentication method \"%(name)s\"?"
 msgstr ""
 "¿Está seguro de que desea eliminar el método de autenticación \"%(name)s\"?"
 
-#: gatekeeper/views.py:263
+#: gatekeeper/views.py:267
 msgid "Edit Allowed Domain"
 msgstr "Editar dominio permitido"
 
-#: gatekeeper/views.py:266 templates/gatekeeper/gatekeeper_list.html:186
+#: gatekeeper/views.py:270 templates/gatekeeper/gatekeeper_list.html:186
 msgid "Add Allowed Domain"
 msgstr "Añadir dominio permitido"
 
-#: gatekeeper/views.py:273
+#: gatekeeper/views.py:277
 msgid "Allowed Domain saved successfully."
 msgstr "Dominio permitido guardado correctamente."
 
-#: gatekeeper/views.py:295
+#: gatekeeper/views.py:299
 msgid "Allowed Domain deleted successfully."
 msgstr "Dominio permitido eliminado correctamente."
 
-#: gatekeeper/views.py:300
+#: gatekeeper/views.py:304
 msgid "Delete Allowed Domain"
 msgstr "Eliminar dominio permitido"
 
-#: gatekeeper/views.py:302
+#: gatekeeper/views.py:306
 #, python-format
 msgid "Are you sure you want to delete the allowed domain \"%(domain)s\"?"
 msgstr ""
 "¿Está seguro de que desea eliminar el dominio permitido \"%(domain)s\"?"
 
-#: gatekeeper/views.py:316
+#: gatekeeper/views.py:320
 msgid "Edit Allowed Email"
 msgstr "Editar correo electrónico permitido"
 
-#: gatekeeper/views.py:319 templates/gatekeeper/gatekeeper_list.html:183
+#: gatekeeper/views.py:323 templates/gatekeeper/gatekeeper_list.html:183
 msgid "Add Allowed Email"
 msgstr "Añadir correo electrónico permitido"
 
-#: gatekeeper/views.py:326
+#: gatekeeper/views.py:330
 msgid "Allowed Email saved successfully."
 msgstr "Correo electrónico permitido guardado correctamente."
 
-#: gatekeeper/views.py:348
+#: gatekeeper/views.py:352
 msgid "Allowed Email deleted successfully."
 msgstr "Correo electrónico permitido eliminado correctamente."
 
-#: gatekeeper/views.py:353
+#: gatekeeper/views.py:357
 msgid "Delete Allowed Email"
 msgstr "Eliminar correo electrónico permitido"
 
-#: gatekeeper/views.py:355
+#: gatekeeper/views.py:359
 #, python-format
 msgid "Are you sure you want to delete the allowed email \"%(email)s\"?"
 msgstr ""
 "¿Está seguro de que desea eliminar el correo electrónico permitido "
 "\"%(email)s\"?"
 
-#: gatekeeper/views.py:369
+#: gatekeeper/views.py:373
 msgid "Edit IP Address"
 msgstr "Editar dirección IP"
 
-#: gatekeeper/views.py:372 templates/gatekeeper/gatekeeper_list.html:247
+#: gatekeeper/views.py:376 templates/gatekeeper/gatekeeper_list.html:247
 #: templates/wireguard/wireguard_manage_peer.html:171
 msgid "Add IP Address"
 msgstr "Añadir IP"
 
-#: gatekeeper/views.py:379
+#: gatekeeper/views.py:383
 msgid "IP Address saved successfully."
 msgstr "Dirección IP guardada correctamente."
 
-#: gatekeeper/views.py:384
+#: gatekeeper/views.py:388
 msgid ""
 "\n"
 "        <h5>IP Address List</h5>\n"
@@ -1582,15 +1604,15 @@ msgstr ""
 "\"Red de la Oficina\", \"Atacante Bloqueado\").</p>\n"
 "        "
 
-#: gatekeeper/views.py:420
+#: gatekeeper/views.py:424
 msgid "IP Address deleted successfully."
 msgstr "Dirección IP eliminada correctamente."
 
-#: gatekeeper/views.py:425
+#: gatekeeper/views.py:429
 msgid "Delete IP Address"
 msgstr "Eliminar dirección IP"
 
-#: gatekeeper/views.py:427
+#: gatekeeper/views.py:431
 #, python-format
 msgid "Are you sure you want to delete the IP address \"%(address)s\"?"
 msgstr "¿Está seguro de que desea eliminar la dirección IP \"%(address)s\"?"
diff --git a/locale/fr/LC_MESSAGES/django.mo b/locale/fr/LC_MESSAGES/django.mo
index 412247f..90b2bbf 100644
Binary files a/locale/fr/LC_MESSAGES/django.mo and b/locale/fr/LC_MESSAGES/django.mo differ
diff --git a/locale/fr/LC_MESSAGES/django.po b/locale/fr/LC_MESSAGES/django.po
index d32b225..fdcb34d 100644
--- a/locale/fr/LC_MESSAGES/django.po
+++ b/locale/fr/LC_MESSAGES/django.po
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2026-03-13 20:41-0300\n"
+"POT-Creation-Date: 2026-03-14 08:47-0300\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -68,8 +68,8 @@ msgstr ""
 #: app_gateway/forms.py:129 app_gateway/forms.py:147 app_gateway/forms.py:195
 #: app_gateway/forms.py:236 cluster/forms.py:67 cluster/forms.py:124
 #: dns/forms.py:37 dns/forms.py:84 dns/forms.py:153 gatekeeper/forms.py:41
-#: gatekeeper/forms.py:75 gatekeeper/forms.py:137 gatekeeper/forms.py:224
-#: gatekeeper/forms.py:254 gatekeeper/forms.py:285
+#: gatekeeper/forms.py:75 gatekeeper/forms.py:139 gatekeeper/forms.py:226
+#: gatekeeper/forms.py:256 gatekeeper/forms.py:287
 #: routing_templates/forms.py:71 scheduler/forms.py:102
 #: templates/firewall/manage_firewall_rule.html:379
 #: templates/firewall/manage_firewall_settings.html:59
@@ -134,9 +134,9 @@ msgstr "Activé"
 #: app_gateway/views.py:399 cluster/views.py:18 cluster/views.py:45
 #: cluster/views.py:114 gatekeeper/views.py:23 gatekeeper/views.py:48
 #: gatekeeper/views.py:78 gatekeeper/views.py:101 gatekeeper/views.py:131
-#: gatekeeper/views.py:154 gatekeeper/views.py:198 gatekeeper/views.py:257
-#: gatekeeper/views.py:287 gatekeeper/views.py:310 gatekeeper/views.py:340
-#: gatekeeper/views.py:363 gatekeeper/views.py:412
+#: gatekeeper/views.py:154 gatekeeper/views.py:202 gatekeeper/views.py:261
+#: gatekeeper/views.py:291 gatekeeper/views.py:314 gatekeeper/views.py:344
+#: gatekeeper/views.py:367 gatekeeper/views.py:416
 #: templates/access_denied.html:9
 msgid "Access Denied"
 msgstr "Accès refusé"
@@ -218,8 +218,8 @@ msgstr "Upstream"
 
 #: app_gateway/forms.py:41 app_gateway/forms.py:86 app_gateway/forms.py:130
 #: app_gateway/forms.py:148 app_gateway/forms.py:196 app_gateway/forms.py:237
-#: gatekeeper/forms.py:42 gatekeeper/forms.py:76 gatekeeper/forms.py:138
-#: gatekeeper/forms.py:225 gatekeeper/forms.py:255 gatekeeper/forms.py:286
+#: gatekeeper/forms.py:42 gatekeeper/forms.py:76 gatekeeper/forms.py:140
+#: gatekeeper/forms.py:227 gatekeeper/forms.py:257 gatekeeper/forms.py:288
 #: scheduler/forms.py:103
 #: templates/app_gateway/access_policy_type_select.html:50
 #: templates/generic_delete_confirmation.html:19
@@ -297,7 +297,7 @@ msgstr "Public"
 msgid "Protected"
 msgstr "Protégé"
 
-#: app_gateway/models.py:45 gatekeeper/models.py:108
+#: app_gateway/models.py:45 gatekeeper/models.py:109
 #: templates/app_gateway/access_policy_type_select.html:41
 #: templates/gatekeeper/gatekeeper_list.html:272
 msgid "Deny"
@@ -591,7 +591,7 @@ msgstr "Êtes-vous sûr de vouloir supprimer la route \"%(name)s\" (%(path)s) ?"
 msgid "IP Lock"
 msgstr "Verrouillage IP"
 
-#: cluster/forms.py:21 dns/forms.py:67 gatekeeper/forms.py:196
+#: cluster/forms.py:21 dns/forms.py:67 gatekeeper/forms.py:198
 #: templates/cluster/workers_list.html:10
 #: templates/dns/static_host_list.html:18
 #: templates/firewall/manage_redirect_rule.html:43
@@ -873,7 +873,7 @@ msgstr "DNS statique"
 msgid "Invalid hostname."
 msgstr "Nom d'hôte invalide."
 
-#: dns/forms.py:131 firewall/forms.py:111 gatekeeper/forms.py:199
+#: dns/forms.py:131 firewall/forms.py:111 gatekeeper/forms.py:201
 #: templates/api_v2/api_documentation.html:51
 #: templates/dns/static_host_list.html:69
 #: templates/firewall/manage_redirect_rule.html:18
@@ -1214,7 +1214,7 @@ msgstr "Paramètres du pare‑feu enregistrés avec succès"
 msgid "Username"
 msgstr "Nom d’utilisateur"
 
-#: gatekeeper/forms.py:18 gatekeeper/forms.py:269
+#: gatekeeper/forms.py:18 gatekeeper/forms.py:271
 #: templates/gatekeeper/gatekeeper_list.html:62
 #: templates/gatekeeper/gatekeeper_list.html:204
 #: templates/wireguard/peer_list/peer_preview_modal.html:103
@@ -1260,84 +1260,88 @@ msgid "Global TOTP Secret"
 msgstr "Secret TOTP mondial"
 
 #: gatekeeper/forms.py:102
+msgid "Global TOTP Before Authentication"
+msgstr "TOTP global avant l'authentification"
+
+#: gatekeeper/forms.py:103
 msgid "OIDC Provider URL"
 msgstr "URL du fournisseur OIDC"
 
-#: gatekeeper/forms.py:103
+#: gatekeeper/forms.py:104
 msgid "OIDC Client ID"
 msgstr "ID client OIDC"
 
-#: gatekeeper/forms.py:104
+#: gatekeeper/forms.py:105
 msgid "OIDC Client Secret"
 msgstr "Secret client OIDC"
 
-#: gatekeeper/forms.py:155
+#: gatekeeper/forms.py:157
 msgid "TOTP secret must be empty for Local Password authentication."
 msgstr ""
 "Le secret TOTP doit être vide pour l'authentification par mot de passe local."
 
-#: gatekeeper/forms.py:157
+#: gatekeeper/forms.py:159
 msgid "TOTP validation PIN must be empty for Local Password authentication."
 msgstr ""
 "Le code de validation TOTP doit être vide pour l'authentification par mot de "
 "passe local."
 
-#: gatekeeper/forms.py:159
+#: gatekeeper/forms.py:161
 msgid "OIDC fields must be empty for Local Password authentication."
 msgstr ""
 "Les champs OIDC doivent être vides pour l'authentification par mot de passe "
 "local."
 
-#: gatekeeper/forms.py:165
+#: gatekeeper/forms.py:167
 msgid "Only one Local Password authentication method can be configured."
 msgstr ""
 "Un seul système d'authentification par mot de passe local peut être "
 "configuré."
 
-#: gatekeeper/forms.py:168
+#: gatekeeper/forms.py:170
 msgid "OIDC fields must be empty for TOTP authentication."
 msgstr "Les champs OIDC doivent être vides pour l'authentification TOTP."
 
-#: gatekeeper/forms.py:170
+#: gatekeeper/forms.py:172
 msgid "TOTP secret is required for TOTP authentication."
 msgstr "Le secret TOTP est requis pour l'authentification TOTP."
 
-#: gatekeeper/forms.py:174
+#: gatekeeper/forms.py:176
 msgid "Please provide a PIN to validate the TOTP secret."
 msgstr "Veuillez fournir un code pour valider le secret TOTP."
 
-#: gatekeeper/forms.py:179
+#: gatekeeper/forms.py:181
 msgid "Invalid TOTP PIN."
 msgstr "Code TOTP invalide."
 
-#: gatekeeper/forms.py:181
+#: gatekeeper/forms.py:183
 msgid "Invalid TOTP secret format. Must be a valid Base32 string."
 msgstr "Format du secret TOTP invalide. Doit être une chaîne Base32 valide."
 
-#: gatekeeper/forms.py:184
+#: gatekeeper/forms.py:186
 msgid "TOTP secret must be empty for OIDC authentication."
 msgstr "Le secret TOTP doit être vide pour l'authentification OIDC."
 
-#: gatekeeper/forms.py:186
+#: gatekeeper/forms.py:188
 msgid "TOTP validation PIN must be empty for OIDC authentication."
 msgstr ""
 "Le code de validation TOTP doit être vide pour l'authentification OIDC."
 
-#: gatekeeper/forms.py:195 gatekeeper/forms.py:237 gatekeeper/forms.py:268
+#: gatekeeper/forms.py:197 gatekeeper/forms.py:239 gatekeeper/forms.py:270
 msgid "Authentication Method"
 msgstr "Méthode d'authentification"
 
-#: gatekeeper/forms.py:197 templates/gatekeeper/gatekeeper_list.html:257
+#: gatekeeper/forms.py:199 templates/gatekeeper/gatekeeper_list.html:257
 msgid "Prefix Length"
 msgstr "Longueur du préfixe"
 
-#: gatekeeper/forms.py:198 templates/firewall/firewall_rule_list.html:47
+#: gatekeeper/forms.py:200 templates/firewall/firewall_rule_list.html:47
 #: templates/firewall/manage_firewall_rule.html:360
 #: templates/gatekeeper/gatekeeper_list.html:258
 msgid "Action"
 msgstr "Action"
 
-#: gatekeeper/forms.py:238 templates/gatekeeper/gatekeeper_list.html:221
+#: gatekeeper/forms.py:240 templates/gatekeeper/gatekeeper_list.html:221
 msgid "Domain"
 msgstr "Domaine"
 
@@ -1361,17 +1365,17 @@ msgstr "Liste d'adresses IP"
 msgid "Shared/global TOTP secret key"
 msgstr "Clé secrète TOTP partagée/globale"
 
-#: gatekeeper/models.py:68
+#: gatekeeper/models.py:69
 msgid "Password for local authentication (leave blank if not using)"
 msgstr ""
 "Mot de passe pour l'authentification locale (laissez vide si vous ne "
 "l'utilisez pas)"
 
-#: gatekeeper/models.py:69
+#: gatekeeper/models.py:70
 msgid "Per-user TOTP secret key"
 msgstr "Clé secrète TOTP par utilisateur"
 
-#: gatekeeper/models.py:108 templates/gatekeeper/gatekeeper_list.html:270
+#: gatekeeper/models.py:109 templates/gatekeeper/gatekeeper_list.html:270
 msgid "Allow"
 msgstr "Autoriser"
 
@@ -1440,120 +1444,128 @@ msgstr "Méthode d'authentification enregistrée avec succès."
 #: gatekeeper/views.py:175
 msgid ""
 "\n"
-"        <h5>Authentication Types</h5>\n"
+"        <h4>Authentication Types</h4>\n"
 "        <p>Select how users will authenticate through this method.</p>\n"
-"        <ul>\n"
-"            <li><strong>Local Password</strong>: Users will authenticate "
-"using a standard username and password stored locally. Only one of this type "
-"can be created.</li>\n"
-"            <li><strong>TOTP (Time-Based One-Time Password)</strong>: Users "
-"will need to enter a rotating token from an authenticator app. Requires "
-"setting a Global TOTP Secret.</li>\n"
-"            <li><strong>OIDC (OpenID Connect)</strong>: Users will "
-"authenticate via an external identity provider (like Keycloak, Google, or "
-"Authelia). Requires Provider URL, Client ID, and Client Secret.</li>\n"
-"        </ul>\n"
+"        \n"
+"        <h5>Local Password</h5>\n"
+"        <p>Users will authenticate using a standard username and password "
+"stored locally. Only one of this type can be created.</p>\n"
+"        \n"
+"        <h5>OIDC (OpenID Connect)</h5>\n"
+"        <p>Users will authenticate via an external identity provider (like "
+"Keycloak, Google, or Authelia). Requires Provider URL, Client ID, and Client "
+"Secret.</p>\n"
+"        \n"
+"        <h5>TOTP (Time-Based One-Time Password)</h5>\n"
+"        <p>Users will need to enter a rotating token from an authenticator "
+"app. Requires setting a Global TOTP Secret. <br>If <strong>Global TOTP "
+"Before Authentication</strong> is enabled, the PIN is required before the "
+"username and password to help combat bruteforce attacks.</p>\n"
 "        "
 msgstr ""
 "\n"
-"        <h5>Types d'authentification</h5>\n"
+"        <h4>Types d'authentification</h4>\n"
 "        <p>Sélectionnez la façon dont les utilisateurs s'authentifieront via "
 "cette méthode.</p>\n"
-"        <ul>\n"
-"            <li><strong>Mot de passe local</strong> : les utilisateurs "
-"s'authentifieront à l'aide d'un nom d'utilisateur et d'un mot de passe "
-"standard stockés localement. Un seul de ce type peut être créé.</li>\n"
-"            <li><strong>TOTP (Time-Based One-Time Password)</strong> : les "
-"utilisateurs devront saisir un jeton rotatif à partir d'une application "
-"d'authentification. Nécessite la configuration d'un secret TOTP global.</"
-"li>\n"
-"            <li><strong>OIDC (OpenID Connect)</strong> : les utilisateurs "
-"s'authentifieront via un fournisseur d'identité externe (comme Keycloak, "
-"Google ou Authelia). Nécessite l'URL du fournisseur, l'ID client et le "
-"secret client.</li>\n"
-"        </ul>\n"
+"        \n"
+"        <h5>Mot de passe local</h5>\n"
+"        <p>Les utilisateurs s'authentifieront à l'aide d'un nom "
+"d'utilisateur et d'un mot de passe standard stockés localement. Un seul de "
+"ce type peut être créé.</p>\n"
+"        \n"
+"        <h5>OIDC (OpenID Connect)</h5>\n"
+"        <p>Les utilisateurs s'authentifieront via un fournisseur d'identité "
+"externe (comme Keycloak, Google ou Authelia). Nécessite l'URL du "
+"fournisseur, l'ID client et le secret client.</p>\n"
+"        \n"
+"        <h5>TOTP (Mot de passe à usage unique basé sur le temps)</h5>\n"
+"        <p>Les utilisateurs devront saisir un jeton rotatif à partir d'une "
+"application d'authentification. Nécessite la configuration d'un secret TOTP "
+"global. <br>Si <strong>TOTP mondial avant l'authentification</strong> est "
+"activé, le code est requis avant le nom d'utilisateur et le mot de passe "
+"pour aider à lutter contre les attaques par force brute.</p>\n"
 "        "
 
-#: gatekeeper/views.py:206
+#: gatekeeper/views.py:210
 msgid "Authentication Method deleted successfully."
 msgstr "Méthode d'authentification supprimée avec succès."
 
-#: gatekeeper/views.py:211
+#: gatekeeper/views.py:215
 msgid "Delete Authentication Method"
 msgstr "Supprimer la méthode d'authentification"
 
-#: gatekeeper/views.py:213
+#: gatekeeper/views.py:217
 #, python-format
 msgid "Are you sure you want to delete the authentication method \"%(name)s\"?"
 msgstr ""
 "Êtes-vous sûr de vouloir supprimer la méthode d'authentification "
 "\"%(name)s\" ?"
 
-#: gatekeeper/views.py:263
+#: gatekeeper/views.py:267
 msgid "Edit Allowed Domain"
 msgstr "Modifier le domaine autorisé"
 
-#: gatekeeper/views.py:266 templates/gatekeeper/gatekeeper_list.html:186
+#: gatekeeper/views.py:270 templates/gatekeeper/gatekeeper_list.html:186
 msgid "Add Allowed Domain"
 msgstr "Ajouter un domaine autorisé"
 
-#: gatekeeper/views.py:273
+#: gatekeeper/views.py:277
 msgid "Allowed Domain saved successfully."
 msgstr "Domaine autorisé enregistré avec succès."
 
-#: gatekeeper/views.py:295
+#: gatekeeper/views.py:299
 msgid "Allowed Domain deleted successfully."
 msgstr "Domaine autorisé supprimé avec succès."
 
-#: gatekeeper/views.py:300
+#: gatekeeper/views.py:304
 msgid "Delete Allowed Domain"
 msgstr "Supprimer le domaine autorisé"
 
-#: gatekeeper/views.py:302
+#: gatekeeper/views.py:306
 #, python-format
 msgid "Are you sure you want to delete the allowed domain \"%(domain)s\"?"
 msgstr ""
 "Êtes-vous sûr de vouloir supprimer le domaine autorisé \"%(domain)s\" ?"
 
-#: gatekeeper/views.py:316
+#: gatekeeper/views.py:320
 msgid "Edit Allowed Email"
 msgstr "Modifier l'e-mail autorisé"
 
-#: gatekeeper/views.py:319 templates/gatekeeper/gatekeeper_list.html:183
+#: gatekeeper/views.py:323 templates/gatekeeper/gatekeeper_list.html:183
 msgid "Add Allowed Email"
 msgstr "Ajouter un e-mail autorisé"
 
-#: gatekeeper/views.py:326
+#: gatekeeper/views.py:330
 msgid "Allowed Email saved successfully."
 msgstr "E-mail autorisé enregistré avec succès."
 
-#: gatekeeper/views.py:348
+#: gatekeeper/views.py:352
 msgid "Allowed Email deleted successfully."
 msgstr "E-mail autorisé supprimé avec succès."
 
-#: gatekeeper/views.py:353
+#: gatekeeper/views.py:357
 msgid "Delete Allowed Email"
 msgstr "Supprimer l'e-mail autorisé"
 
-#: gatekeeper/views.py:355
+#: gatekeeper/views.py:359
 #, python-format
 msgid "Are you sure you want to delete the allowed email \"%(email)s\"?"
 msgstr "Êtes-vous sûr de vouloir supprimer l'e-mail autorisé \"%(email)s\" ?"
 
-#: gatekeeper/views.py:369
+#: gatekeeper/views.py:373
 msgid "Edit IP Address"
 msgstr "Modifier l'adresse IP"
 
-#: gatekeeper/views.py:372 templates/gatekeeper/gatekeeper_list.html:247
+#: gatekeeper/views.py:376 templates/gatekeeper/gatekeeper_list.html:247
 #: templates/wireguard/wireguard_manage_peer.html:171
 msgid "Add IP Address"
 msgstr "Ajouter une adresse IP"
 
-#: gatekeeper/views.py:379
+#: gatekeeper/views.py:383
 msgid "IP Address saved successfully."
 msgstr "Adresse IP enregistrée avec succès."
 
-#: gatekeeper/views.py:384
+#: gatekeeper/views.py:388
 msgid ""
 "\n"
 "        <h5>IP Address List</h5>\n"
@@ -1600,15 +1612,15 @@ msgstr ""
 "\"Réseau de bureau\", \"Attaquant bloqué\").</p>\n"
 "        "
 
-#: gatekeeper/views.py:420
+#: gatekeeper/views.py:424
 msgid "IP Address deleted successfully."
 msgstr "Adresse IP supprimée avec succès."
 
-#: gatekeeper/views.py:425
+#: gatekeeper/views.py:429
 msgid "Delete IP Address"
 msgstr "Supprimer l'adresse IP"
 
-#: gatekeeper/views.py:427
+#: gatekeeper/views.py:431
 #, python-format
 msgid "Are you sure you want to delete the IP address \"%(address)s\"?"
 msgstr "Êtes-vous sûr de vouloir supprimer l'adresse IP \"%(address)s\" ?"
diff --git a/locale/pt_BR/LC_MESSAGES/django.mo b/locale/pt_BR/LC_MESSAGES/django.mo
index 77aa94f..14eb6bb 100644
Binary files a/locale/pt_BR/LC_MESSAGES/django.mo and b/locale/pt_BR/LC_MESSAGES/django.mo differ
diff --git a/locale/pt_BR/LC_MESSAGES/django.po b/locale/pt_BR/LC_MESSAGES/django.po
index 4fbc351..1eb1a1f 100644
--- a/locale/pt_BR/LC_MESSAGES/django.po
+++ b/locale/pt_BR/LC_MESSAGES/django.po
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2026-03-13 20:36-0300\n"
+"POT-Creation-Date: 2026-03-14 08:47-0300\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -68,8 +68,8 @@ msgstr ""
 #: app_gateway/forms.py:129 app_gateway/forms.py:147 app_gateway/forms.py:195
 #: app_gateway/forms.py:236 cluster/forms.py:67 cluster/forms.py:124
 #: dns/forms.py:37 dns/forms.py:84 dns/forms.py:153 gatekeeper/forms.py:41
-#: gatekeeper/forms.py:75 gatekeeper/forms.py:137 gatekeeper/forms.py:224
-#: gatekeeper/forms.py:254 gatekeeper/forms.py:285
+#: gatekeeper/forms.py:75 gatekeeper/forms.py:139 gatekeeper/forms.py:226
+#: gatekeeper/forms.py:256 gatekeeper/forms.py:287
 #: routing_templates/forms.py:71 scheduler/forms.py:102
 #: templates/firewall/manage_firewall_rule.html:379
 #: templates/firewall/manage_firewall_settings.html:59
@@ -134,9 +134,9 @@ msgstr "Habilitado"
 #: app_gateway/views.py:399 cluster/views.py:18 cluster/views.py:45
 #: cluster/views.py:114 gatekeeper/views.py:23 gatekeeper/views.py:48
 #: gatekeeper/views.py:78 gatekeeper/views.py:101 gatekeeper/views.py:131
-#: gatekeeper/views.py:154 gatekeeper/views.py:198 gatekeeper/views.py:257
-#: gatekeeper/views.py:287 gatekeeper/views.py:310 gatekeeper/views.py:340
-#: gatekeeper/views.py:363 gatekeeper/views.py:412
+#: gatekeeper/views.py:154 gatekeeper/views.py:202 gatekeeper/views.py:261
+#: gatekeeper/views.py:291 gatekeeper/views.py:314 gatekeeper/views.py:344
+#: gatekeeper/views.py:367 gatekeeper/views.py:416
 #: templates/access_denied.html:9
 msgid "Access Denied"
 msgstr "Acesso Negado"
@@ -218,8 +218,8 @@ msgstr "Upstream"
 
 #: app_gateway/forms.py:41 app_gateway/forms.py:86 app_gateway/forms.py:130
 #: app_gateway/forms.py:148 app_gateway/forms.py:196 app_gateway/forms.py:237
-#: gatekeeper/forms.py:42 gatekeeper/forms.py:76 gatekeeper/forms.py:138
-#: gatekeeper/forms.py:225 gatekeeper/forms.py:255 gatekeeper/forms.py:286
+#: gatekeeper/forms.py:42 gatekeeper/forms.py:76 gatekeeper/forms.py:140
+#: gatekeeper/forms.py:227 gatekeeper/forms.py:257 gatekeeper/forms.py:288
 #: scheduler/forms.py:103
 #: templates/app_gateway/access_policy_type_select.html:50
 #: templates/generic_delete_confirmation.html:19
@@ -296,7 +296,7 @@ msgstr "Público"
 msgid "Protected"
 msgstr "Protegido"
 
-#: app_gateway/models.py:45 gatekeeper/models.py:108
+#: app_gateway/models.py:45 gatekeeper/models.py:109
 #: templates/app_gateway/access_policy_type_select.html:41
 #: templates/gatekeeper/gatekeeper_list.html:272
 msgid "Deny"
@@ -583,7 +583,7 @@ msgstr "Tem certeza de que deseja excluir a rota \"%(name)s\" (%(path)s)?"
 msgid "IP Lock"
 msgstr "Bloqueio de IP"
 
-#: cluster/forms.py:21 dns/forms.py:67 gatekeeper/forms.py:196
+#: cluster/forms.py:21 dns/forms.py:67 gatekeeper/forms.py:198
 #: templates/cluster/workers_list.html:10
 #: templates/dns/static_host_list.html:18
 #: templates/firewall/manage_redirect_rule.html:43
@@ -864,7 +864,7 @@ msgstr "DNS Estático"
 msgid "Invalid hostname."
 msgstr "Nome de host inválido."
 
-#: dns/forms.py:131 firewall/forms.py:111 gatekeeper/forms.py:199
+#: dns/forms.py:131 firewall/forms.py:111 gatekeeper/forms.py:201
 #: templates/api_v2/api_documentation.html:51
 #: templates/dns/static_host_list.html:69
 #: templates/firewall/manage_redirect_rule.html:18
@@ -1206,7 +1206,7 @@ msgstr "Configurações de Firewall salvas com sucesso"
 msgid "Username"
 msgstr "Usuário"
 
-#: gatekeeper/forms.py:18 gatekeeper/forms.py:269
+#: gatekeeper/forms.py:18 gatekeeper/forms.py:271
 #: templates/gatekeeper/gatekeeper_list.html:62
 #: templates/gatekeeper/gatekeeper_list.html:204
 #: templates/wireguard/peer_list/peer_preview_modal.html:103
@@ -1252,77 +1252,81 @@ msgid "Global TOTP Secret"
 msgstr "Segredo TOTP Global"
 
 #: gatekeeper/forms.py:102
+msgid "Global TOTP Before Authentication"
+msgstr "TOTP Global Antes da Autenticação"
+
+#: gatekeeper/forms.py:103
 msgid "OIDC Provider URL"
 msgstr "URL do Provedor OIDC"
 
-#: gatekeeper/forms.py:103
+#: gatekeeper/forms.py:104
 msgid "OIDC Client ID"
 msgstr "ID do Cliente OIDC"
 
-#: gatekeeper/forms.py:104
+#: gatekeeper/forms.py:105
 msgid "OIDC Client Secret"
 msgstr "Segredo do Cliente OIDC"
 
-#: gatekeeper/forms.py:155
+#: gatekeeper/forms.py:157
 msgid "TOTP secret must be empty for Local Password authentication."
 msgstr "O segredo TOTP deve estar vazio para autenticação por Senha Local."
 
-#: gatekeeper/forms.py:157
+#: gatekeeper/forms.py:159
 msgid "TOTP validation PIN must be empty for Local Password authentication."
 msgstr ""
 "O PIN de validação TOTP deve estar vazio para autenticação por Senha Local."
 
-#: gatekeeper/forms.py:159
+#: gatekeeper/forms.py:161
 msgid "OIDC fields must be empty for Local Password authentication."
 msgstr "Os campos OIDC devem estar vazios para autenticação por Senha Local."
 
-#: gatekeeper/forms.py:165
+#: gatekeeper/forms.py:167
 msgid "Only one Local Password authentication method can be configured."
 msgstr "Apenas um método de autenticação por Senha Local pode ser configurado."
 
-#: gatekeeper/forms.py:168
+#: gatekeeper/forms.py:170
 msgid "OIDC fields must be empty for TOTP authentication."
 msgstr "Os campos OIDC devem estar vazios para autenticação por TOTP."
 
-#: gatekeeper/forms.py:170
+#: gatekeeper/forms.py:172
 msgid "TOTP secret is required for TOTP authentication."
 msgstr "O segredo TOTP é obrigatório para autenticação por TOTP."
 
-#: gatekeeper/forms.py:174
+#: gatekeeper/forms.py:176
 msgid "Please provide a PIN to validate the TOTP secret."
 msgstr "Por favor, forneça um PIN para validar o segredo TOTP."
 
-#: gatekeeper/forms.py:179
+#: gatekeeper/forms.py:181
 msgid "Invalid TOTP PIN."
 msgstr "PIN TOTP inválido."
 
-#: gatekeeper/forms.py:181
+#: gatekeeper/forms.py:183
 msgid "Invalid TOTP secret format. Must be a valid Base32 string."
 msgstr "Formato de segredo TOTP inválido. Deve ser uma string Base32 válida."
 
-#: gatekeeper/forms.py:184
+#: gatekeeper/forms.py:186
 msgid "TOTP secret must be empty for OIDC authentication."
 msgstr "O segredo TOTP deve estar vazio para autenticação por OIDC."
 
-#: gatekeeper/forms.py:186
+#: gatekeeper/forms.py:188
 msgid "TOTP validation PIN must be empty for OIDC authentication."
 msgstr "O PIN de validação TOTP deve estar vazio para autenticação por OIDC."
 
-#: gatekeeper/forms.py:195 gatekeeper/forms.py:237 gatekeeper/forms.py:268
+#: gatekeeper/forms.py:197 gatekeeper/forms.py:239 gatekeeper/forms.py:270
 msgid "Authentication Method"
 msgstr "Método de Autenticação"
 
-#: gatekeeper/forms.py:197 templates/gatekeeper/gatekeeper_list.html:257
+#: gatekeeper/forms.py:199 templates/gatekeeper/gatekeeper_list.html:257
 msgid "Prefix Length"
 msgstr "Comprimento do Prefixo"
 
-#: gatekeeper/forms.py:198 templates/firewall/firewall_rule_list.html:47
+#: gatekeeper/forms.py:200 templates/firewall/firewall_rule_list.html:47
 #: templates/firewall/manage_firewall_rule.html:360
 #: templates/gatekeeper/gatekeeper_list.html:258
 msgid "Action"
 msgstr "Ação"
 
-#: gatekeeper/forms.py:238 templates/gatekeeper/gatekeeper_list.html:221
+#: gatekeeper/forms.py:240 templates/gatekeeper/gatekeeper_list.html:221
 msgid "Domain"
 msgstr "Domínio"
 
@@ -1346,15 +1350,15 @@ msgstr "Lista de Endereços IP"
 msgid "Shared/global TOTP secret key"
 msgstr "Chave secreta TOTP compartilhada/global"
 
-#: gatekeeper/models.py:68
+#: gatekeeper/models.py:69
 msgid "Password for local authentication (leave blank if not using)"
 msgstr "Senha para autenticação local (deixe em branco se não estiver usando)"
 
-#: gatekeeper/models.py:69
+#: gatekeeper/models.py:70
 msgid "Per-user TOTP secret key"
 msgstr "Chave secreta TOTP por usuário"
 
-#: gatekeeper/models.py:108 templates/gatekeeper/gatekeeper_list.html:270
+#: gatekeeper/models.py:109 templates/gatekeeper/gatekeeper_list.html:270
 msgid "Allow"
 msgstr "Permitir"
 
@@ -1423,117 +1427,125 @@ msgstr "Método de Autenticação salvo com sucesso."
 #: gatekeeper/views.py:175
 msgid ""
 "\n"
-"        <h5>Authentication Types</h5>\n"
+"        <h4>Authentication Types</h4>\n"
 "        <p>Select how users will authenticate through this method.</p>\n"
-"        <ul>\n"
-"            <li><strong>Local Password</strong>: Users will authenticate "
-"using a standard username and password stored locally. Only one of this type "
-"can be created.</li>\n"
-"            <li><strong>TOTP (Time-Based One-Time Password)</strong>: Users "
-"will need to enter a rotating token from an authenticator app. Requires "
-"setting a Global TOTP Secret.</li>\n"
-"            <li><strong>OIDC (OpenID Connect)</strong>: Users will "
-"authenticate via an external identity provider (like Keycloak, Google, or "
-"Authelia). Requires Provider URL, Client ID, and Client Secret.</li>\n"
-"        </ul>\n"
+"        \n"
+"        <h5>Local Password</h5>\n"
+"        <p>Users will authenticate using a standard username and password "
+"stored locally. Only one of this type can be created.</p>\n"
+"        \n"
+"        <h5>OIDC (OpenID Connect)</h5>\n"
+"        <p>Users will authenticate via an external identity provider (like "
+"Keycloak, Google, or Authelia). Requires Provider URL, Client ID, and Client "
+"Secret.</p>\n"
+"        \n"
+"        <h5>TOTP (Time-Based One-Time Password)</h5>\n"
+"        <p>Users will need to enter a rotating token from an authenticator "
+"app. Requires setting a Global TOTP Secret. <br>If <strong>Global TOTP "
+"Before Authentication</strong> is enabled, the PIN is required before the "
+"username and password to help combat bruteforce attacks.</p>\n"
 "        "
 msgstr ""
 "\n"
-"        <h5>Tipos de Autenticação</h5>\n"
+"        <h4>Tipos de Autenticação</h4>\n"
 "        <p>Selecione como os usuários irão se autenticar através deste "
 "método.</p>\n"
-"        <ul>\n"
-"            <li><strong>Senha Local</strong>: Os usuários se autenticarão "
-"usando um nome de usuário e senha padrão armazenados localmente. Apenas um "
-"deste tipo pode ser criado.</li>\n"
-"            <li><strong>TOTP (Senha de Uso Único Baseada em Tempo)</strong>: "
-"Os usuários precisarão inserir um token rotativo de um aplicativo "
-"autenticador. Requer a definição de um Segredo TOTP Global.</li>\n"
-"            <li><strong>OIDC (OpenID Connect)</strong>: Os usuários se "
-"autenticarão por meio de um provedor de identidade externo (como Keycloak, "
-"Google ou Authelia). Requer URL do Provedor, ID do Cliente e Segredo do "
-"Cliente.</li>\n"
-"        </ul>\n"
+"        \n"
+"        <h5>Senha Local</h5>\n"
+"        <p>Os usuários se autenticarão usando um nome de usuário e senha "
+"padrão armazenados localmente. Apenas um deste tipo pode ser criado.</p>\n"
+"        \n"
+"        <h5>OIDC (OpenID Connect)</h5>\n"
+"        <p>Os usuários se autenticarão por meio de um provedor de identidade "
+"externo (como Keycloak, Google ou Authelia). Requer URL do Provedor, ID do "
+"Cliente e Segredo do Cliente.</p>\n"
+"        \n"
+"        <h5>TOTP (Senha de Uso Único Baseada em Tempo)</h5>\n"
+"        <p>Os usuários precisarão inserir um token rotativo de um aplicativo "
+"autenticador. Requer a definição de um Segredo TOTP Global. <br>Se o "
+"<strong>TOTP Global Antes da Autenticação</strong> estiver habilitado, o PIN "
+"será exigido antes do usuário e senha para ajudar a combater ataques de "
+"força bruta.</p>\n"
 "        "
 
-#: gatekeeper/views.py:206
+#: gatekeeper/views.py:210
 msgid "Authentication Method deleted successfully."
 msgstr "Método de Autenticação excluído com sucesso."
 
-#: gatekeeper/views.py:211
+#: gatekeeper/views.py:215
 msgid "Delete Authentication Method"
 msgstr "Excluir Método de Autenticação"
 
-#: gatekeeper/views.py:213
+#: gatekeeper/views.py:217
 #, python-format
 msgid "Are you sure you want to delete the authentication method \"%(name)s\"?"
 msgstr ""
 "Tem certeza de que deseja excluir o método de autenticação \"%(name)s\"?"
 
-#: gatekeeper/views.py:263
+#: gatekeeper/views.py:267
 msgid "Edit Allowed Domain"
 msgstr "Editar Domínio Permitido"
 
-#: gatekeeper/views.py:266 templates/gatekeeper/gatekeeper_list.html:186
+#: gatekeeper/views.py:270 templates/gatekeeper/gatekeeper_list.html:186
 msgid "Add Allowed Domain"
 msgstr "Adicionar Domínio Permitido"
 
-#: gatekeeper/views.py:273
+#: gatekeeper/views.py:277
 msgid "Allowed Domain saved successfully."
 msgstr "Domínio Permitido salvo com sucesso."
 
-#: gatekeeper/views.py:295
+#: gatekeeper/views.py:299
 msgid "Allowed Domain deleted successfully."
 msgstr "Domínio Permitido excluído com sucesso."
 
-#: gatekeeper/views.py:300
+#: gatekeeper/views.py:304
 msgid "Delete Allowed Domain"
 msgstr "Excluir Domínio Permitido"
 
-#: gatekeeper/views.py:302
+#: gatekeeper/views.py:306
 #, python-format
 msgid "Are you sure you want to delete the allowed domain \"%(domain)s\"?"
 msgstr "Tem certeza de que deseja excluir o domínio permitido \"%(domain)s\"?"
 
-#: gatekeeper/views.py:316
+#: gatekeeper/views.py:320
 msgid "Edit Allowed Email"
 msgstr "Editar E-mail Permitido"
 
-#: gatekeeper/views.py:319 templates/gatekeeper/gatekeeper_list.html:183
+#: gatekeeper/views.py:323 templates/gatekeeper/gatekeeper_list.html:183
 msgid "Add Allowed Email"
 msgstr "Adicionar E-mail Permitido"
 
-#: gatekeeper/views.py:326
+#: gatekeeper/views.py:330
 msgid "Allowed Email saved successfully."
 msgstr "E-mail Permitido salvo com sucesso."
 
-#: gatekeeper/views.py:348
+#: gatekeeper/views.py:352
 msgid "Allowed Email deleted successfully."
 msgstr "E-mail Permitido excluído com sucesso."
 
-#: gatekeeper/views.py:353
+#: gatekeeper/views.py:357
 msgid "Delete Allowed Email"
 msgstr "Excluir E-mail Permitido"
 
-#: gatekeeper/views.py:355
+#: gatekeeper/views.py:359
 #, python-format
 msgid "Are you sure you want to delete the allowed email \"%(email)s\"?"
 msgstr "Tem certeza de que deseja excluir o e-mail permitido \"%(email)s\"?"
 
-#: gatekeeper/views.py:369
+#: gatekeeper/views.py:373
 msgid "Edit IP Address"
 msgstr "Editar Endereço IP"
 
-#: gatekeeper/views.py:372 templates/gatekeeper/gatekeeper_list.html:247
+#: gatekeeper/views.py:376 templates/gatekeeper/gatekeeper_list.html:247
 #: templates/wireguard/wireguard_manage_peer.html:171
 msgid "Add IP Address"
 msgstr "Adicionar IP"
 
-#: gatekeeper/views.py:379
+#: gatekeeper/views.py:383
 msgid "IP Address saved successfully."
 msgstr "Endereço IP salvo com sucesso."
 
-#: gatekeeper/views.py:384
+#: gatekeeper/views.py:388
 msgid ""
 "\n"
 "        <h5>IP Address List</h5>\n"
@@ -1580,15 +1592,15 @@ msgstr ""
 "\"Rede do Escritório\", \"Atacante Bloqueado\").</p>\n"
 "        "
 
-#: gatekeeper/views.py:420
+#: gatekeeper/views.py:424
 msgid "IP Address deleted successfully."
 msgstr "Endereço IP excluído com sucesso."
 
-#: gatekeeper/views.py:425
+#: gatekeeper/views.py:429
 msgid "Delete IP Address"
 msgstr "Excluir Endereço IP"
 
-#: gatekeeper/views.py:427
+#: gatekeeper/views.py:431
 #, python-format
 msgid "Are you sure you want to delete the IP address \"%(address)s\"?"
 msgstr "Tem certeza de que deseja excluir o endereço IP \"%(address)s\"?"
diff --git a/locale/sk/LC_MESSAGES/django.mo b/locale/sk/LC_MESSAGES/django.mo
index a2a115c..da44909 100644
Binary files a/locale/sk/LC_MESSAGES/django.mo and b/locale/sk/LC_MESSAGES/django.mo differ
diff --git a/locale/sk/LC_MESSAGES/django.po b/locale/sk/LC_MESSAGES/django.po
index 1f06844..4747476 100644
--- a/locale/sk/LC_MESSAGES/django.po
+++ b/locale/sk/LC_MESSAGES/django.po
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2026-03-13 20:41-0300\n"
+"POT-Creation-Date: 2026-03-14 08:47-0300\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -68,8 +68,8 @@ msgstr ""
 #: app_gateway/forms.py:129 app_gateway/forms.py:147 app_gateway/forms.py:195
 #: app_gateway/forms.py:236 cluster/forms.py:67 cluster/forms.py:124
 #: dns/forms.py:37 dns/forms.py:84 dns/forms.py:153 gatekeeper/forms.py:41
-#: gatekeeper/forms.py:75 gatekeeper/forms.py:137 gatekeeper/forms.py:224
-#: gatekeeper/forms.py:254 gatekeeper/forms.py:285
+#: gatekeeper/forms.py:75 gatekeeper/forms.py:139 gatekeeper/forms.py:226
+#: gatekeeper/forms.py:256 gatekeeper/forms.py:287
 #: routing_templates/forms.py:71 scheduler/forms.py:102
 #: templates/firewall/manage_firewall_rule.html:379
 #: templates/firewall/manage_firewall_settings.html:59
@@ -134,9 +134,9 @@ msgstr "Povolené"
 #: app_gateway/views.py:399 cluster/views.py:18 cluster/views.py:45
 #: cluster/views.py:114 gatekeeper/views.py:23 gatekeeper/views.py:48
 #: gatekeeper/views.py:78 gatekeeper/views.py:101 gatekeeper/views.py:131
-#: gatekeeper/views.py:154 gatekeeper/views.py:198 gatekeeper/views.py:257
-#: gatekeeper/views.py:287 gatekeeper/views.py:310 gatekeeper/views.py:340
-#: gatekeeper/views.py:363 gatekeeper/views.py:412
+#: gatekeeper/views.py:154 gatekeeper/views.py:202 gatekeeper/views.py:261
+#: gatekeeper/views.py:291 gatekeeper/views.py:314 gatekeeper/views.py:344
+#: gatekeeper/views.py:367 gatekeeper/views.py:416
 #: templates/access_denied.html:9
 msgid "Access Denied"
 msgstr "Prístup zamietnutý"
@@ -218,8 +218,8 @@ msgstr "Upstream"
 
 #: app_gateway/forms.py:41 app_gateway/forms.py:86 app_gateway/forms.py:130
 #: app_gateway/forms.py:148 app_gateway/forms.py:196 app_gateway/forms.py:237
-#: gatekeeper/forms.py:42 gatekeeper/forms.py:76 gatekeeper/forms.py:138
-#: gatekeeper/forms.py:225 gatekeeper/forms.py:255 gatekeeper/forms.py:286
+#: gatekeeper/forms.py:42 gatekeeper/forms.py:76 gatekeeper/forms.py:140
+#: gatekeeper/forms.py:227 gatekeeper/forms.py:257 gatekeeper/forms.py:288
 #: scheduler/forms.py:103
 #: templates/app_gateway/access_policy_type_select.html:50
 #: templates/generic_delete_confirmation.html:19
@@ -297,7 +297,7 @@ msgstr "Verejné"
 msgid "Protected"
 msgstr "Chránené"
 
-#: app_gateway/models.py:45 gatekeeper/models.py:108
+#: app_gateway/models.py:45 gatekeeper/models.py:109
 #: templates/app_gateway/access_policy_type_select.html:41
 #: templates/gatekeeper/gatekeeper_list.html:272
 msgid "Deny"
@@ -477,7 +477,9 @@ msgstr "Politika prístupu bola úspešne odstránená."
 msgid ""
 "Cannot delete this Access Policy because it is currently in use by an "
 "Application Route or Application Default Policy."
-msgstr "Túto prístupovú politiku nie je možné odstrániť, pretože sa momentálne používa v trase aplikácie alebo v predvolenej politike aplikácie."
+msgstr ""
+"Túto prístupovú politiku nie je možné odstrániť, pretože sa momentálne "
+"používa v trase aplikácie alebo v predvolenej politike aplikácie."
 
 #: app_gateway/views.py:278
 msgid "Delete Access Policy"
@@ -582,7 +584,7 @@ msgstr "Naozaj chcete odstrániť trasu \"%(name)s\" (%(path)s)?"
 msgid "IP Lock"
 msgstr "IP zámok"
 
-#: cluster/forms.py:21 dns/forms.py:67 gatekeeper/forms.py:196
+#: cluster/forms.py:21 dns/forms.py:67 gatekeeper/forms.py:198
 #: templates/cluster/workers_list.html:10
 #: templates/dns/static_host_list.html:18
 #: templates/firewall/manage_redirect_rule.html:43
@@ -859,7 +861,7 @@ msgstr "Statický DNS"
 msgid "Invalid hostname."
 msgstr "Neplatný názov hostiteľa."
 
-#: dns/forms.py:131 firewall/forms.py:111 gatekeeper/forms.py:199
+#: dns/forms.py:131 firewall/forms.py:111 gatekeeper/forms.py:201
 #: templates/api_v2/api_documentation.html:51
 #: templates/dns/static_host_list.html:69
 #: templates/firewall/manage_redirect_rule.html:18
@@ -1197,7 +1199,7 @@ msgstr "Nastavenia firewall boli úspešne uložené"
 msgid "Username"
 msgstr "Používateľské meno"
 
-#: gatekeeper/forms.py:18 gatekeeper/forms.py:269
+#: gatekeeper/forms.py:18 gatekeeper/forms.py:271
 #: templates/gatekeeper/gatekeeper_list.html:62
 #: templates/gatekeeper/gatekeeper_list.html:204
 #: templates/wireguard/peer_list/peer_preview_modal.html:103
@@ -1243,78 +1245,82 @@ msgid "Global TOTP Secret"
 msgstr "Globálne TOTP tajomstvo"
 
 #: gatekeeper/forms.py:102
+msgid "Global TOTP Before Authentication"
+msgstr "Globálne TOTP pred autentifikáciou"
+
+#: gatekeeper/forms.py:103
 msgid "OIDC Provider URL"
 msgstr "URL poskytovateľa OIDC"
 
-#: gatekeeper/forms.py:103
+#: gatekeeper/forms.py:104
 msgid "OIDC Client ID"
 msgstr "ID klienta OIDC"
 
-#: gatekeeper/forms.py:104
+#: gatekeeper/forms.py:105
 msgid "OIDC Client Secret"
 msgstr "Secret klienta OIDC"
 
-#: gatekeeper/forms.py:155
+#: gatekeeper/forms.py:157
 msgid "TOTP secret must be empty for Local Password authentication."
 msgstr "TOTP tajomstvo musí byť prázdne pre autentifikáciu miestnym heslom."
 
-#: gatekeeper/forms.py:157
+#: gatekeeper/forms.py:159
 msgid "TOTP validation PIN must be empty for Local Password authentication."
 msgstr ""
 "Validačný PIN TOTP musí byť prázdny pre autentifikáciu miestnym heslom."
 
-#: gatekeeper/forms.py:159
+#: gatekeeper/forms.py:161
 msgid "OIDC fields must be empty for Local Password authentication."
 msgstr "Polia OIDC musia byť prázdne pre autentifikáciu miestnym heslom."
 
-#: gatekeeper/forms.py:165
+#: gatekeeper/forms.py:167
 msgid "Only one Local Password authentication method can be configured."
 msgstr ""
 "Je možné nakonfigurovať iba jednu metódu autentifikácie miestnym heslom."
 
-#: gatekeeper/forms.py:168
+#: gatekeeper/forms.py:170
 msgid "OIDC fields must be empty for TOTP authentication."
 msgstr "Polia OIDC musia byť prázdne pre autentifikáciu TOTP."
 
-#: gatekeeper/forms.py:170
+#: gatekeeper/forms.py:172
 msgid "TOTP secret is required for TOTP authentication."
 msgstr "TOTP tajomstvo je povinné pre autentifikáciu TOTP."
 
-#: gatekeeper/forms.py:174
+#: gatekeeper/forms.py:176
 msgid "Please provide a PIN to validate the TOTP secret."
 msgstr "Na overenie tajomstva TOTP zadajte PIN."
 
-#: gatekeeper/forms.py:179
+#: gatekeeper/forms.py:181
 msgid "Invalid TOTP PIN."
 msgstr "Neplatný PIN TOTP."
 
-#: gatekeeper/forms.py:181
+#: gatekeeper/forms.py:183
 msgid "Invalid TOTP secret format. Must be a valid Base32 string."
 msgstr "Neplatný formát tajomstva TOTP. Musí to byť platný reťazec Base32."
 
-#: gatekeeper/forms.py:184
+#: gatekeeper/forms.py:186
 msgid "TOTP secret must be empty for OIDC authentication."
 msgstr "TOTP tajomstvo musí byť prázdne pre autentifikáciu OIDC."
 
-#: gatekeeper/forms.py:186
+#: gatekeeper/forms.py:188
 msgid "TOTP validation PIN must be empty for OIDC authentication."
 msgstr "Validačný PIN TOTP musí byť prázdny pre autentifikáciu OIDC."
 
-#: gatekeeper/forms.py:195 gatekeeper/forms.py:237 gatekeeper/forms.py:268
+#: gatekeeper/forms.py:197 gatekeeper/forms.py:239 gatekeeper/forms.py:270
 msgid "Authentication Method"
 msgstr "Metóda autentifikácie"
 
-#: gatekeeper/forms.py:197 templates/gatekeeper/gatekeeper_list.html:257
+#: gatekeeper/forms.py:199 templates/gatekeeper/gatekeeper_list.html:257
 msgid "Prefix Length"
 msgstr "Dĺžka prefixu"
 
-#: gatekeeper/forms.py:198 templates/firewall/firewall_rule_list.html:47
+#: gatekeeper/forms.py:200 templates/firewall/firewall_rule_list.html:47
 #: templates/firewall/manage_firewall_rule.html:360
 #: templates/gatekeeper/gatekeeper_list.html:258
 msgid "Action"
 msgstr "Akcia"
 
-#: gatekeeper/forms.py:238 templates/gatekeeper/gatekeeper_list.html:221
+#: gatekeeper/forms.py:240 templates/gatekeeper/gatekeeper_list.html:221
 msgid "Domain"
 msgstr "Doména"
 
@@ -1338,15 +1344,15 @@ msgstr "Zoznam IP adries"
 msgid "Shared/global TOTP secret key"
 msgstr "Zdieľaný/globálny tajný kľúč TOTP"
 
-#: gatekeeper/models.py:68
+#: gatekeeper/models.py:69
 msgid "Password for local authentication (leave blank if not using)"
 msgstr "Heslo pre miestnu autentifikáciu (ak nepoužívate, nechajte prázdne)"
 
-#: gatekeeper/models.py:69
+#: gatekeeper/models.py:70
 msgid "Per-user TOTP secret key"
 msgstr "Tajný kľúč TOTP pre jednotlivých používateľov"
 
-#: gatekeeper/models.py:108 templates/gatekeeper/gatekeeper_list.html:270
+#: gatekeeper/models.py:109 templates/gatekeeper/gatekeeper_list.html:270
 msgid "Allow"
 msgstr "Povoliť"
 
@@ -1415,116 +1421,125 @@ msgstr "Metóda autentifikácie bola úspešne uložená."
 #: gatekeeper/views.py:175
 msgid ""
 "\n"
-"        <h5>Authentication Types</h5>\n"
+"        <h4>Authentication Types</h4>\n"
 "        <p>Select how users will authenticate through this method.</p>\n"
-"        <ul>\n"
-"            <li><strong>Local Password</strong>: Users will authenticate "
-"using a standard username and password stored locally. Only one of this type "
-"can be created.</li>\n"
-"            <li><strong>TOTP (Time-Based One-Time Password)</strong>: Users "
-"will need to enter a rotating token from an authenticator app. Requires "
-"setting a Global TOTP Secret.</li>\n"
-"            <li><strong>OIDC (OpenID Connect)</strong>: Users will "
-"authenticate via an external identity provider (like Keycloak, Google, or "
-"Authelia). Requires Provider URL, Client ID, and Client Secret.</li>\n"
-"        </ul>\n"
+"        \n"
+"        <h5>Local Password</h5>\n"
+"        <p>Users will authenticate using a standard username and password "
+"stored locally. Only one of this type can be created.</p>\n"
+"        \n"
+"        <h5>OIDC (OpenID Connect)</h5>\n"
+"        <p>Users will authenticate via an external identity provider (like "
+"Keycloak, Google, or Authelia). Requires Provider URL, Client ID, and Client "
+"Secret.</p>\n"
+"        \n"
+"        <h5>TOTP (Time-Based One-Time Password)</h5>\n"
+"        <p>Users will need to enter a rotating token from an authenticator "
+"app. Requires setting a Global TOTP Secret. <br>If <strong>Global TOTP "
+"Before Authentication</strong> is enabled, the PIN is required before the "
+"username and password to help combat bruteforce attacks.</p>\n"
 "        "
 msgstr ""
 "\n"
-"        <h5>Typy autentifikácie</h5>\n"
+"        <h4>Typy autentifikácie</h4>\n"
 "        <p>Vyberte, ako sa budú používatelia autentifikovať prostredníctvom "
 "tejto metódy.</p>\n"
-"        <ul>\n"
-"            <li><strong>Miestne heslo</strong>: Používatelia sa budú "
-"autentifikovať pomocou štandardného používateľského mena a hesla uloženého "
-"lokálne. Je možné vytvoriť iba jeden tento typ.</li>\n"
-"            <li><strong>TOTP (časovo založené jednorazové heslo)</strong>: "
-"Používatelia budú musieť zadať rotujúci token z autentifikačnej aplikácie. "
-"Vyžaduje nastavenie globálneho tajomstva TOTP.</li>\n"
-"            <li><strong>OIDC (OpenID Connect)</strong>: Používatelia sa budú "
-"autentifikovať prostredníctvom externého poskytovateľa identity (ako "
-"Keycloak, Google alebo Authelia). Vyžaduje URL poskytovateľa, ID klienta a "
-"Secret klienta.</li>\n"
-"        </ul>\n"
+"        \n"
+"        <h5>Miestne heslo</h5>\n"
+"        <p>Používatelia sa budú autentifikovať pomocou štandardného "
+"používateľského mena a hesla uloženého lokálne. Je možné vytvoriť iba jeden "
+"tento typ.</p>\n"
+"        \n"
+"        <h5>OIDC (OpenID Connect)</h5>\n"
+"        <p>Používatelia sa budú autentifikovať prostredníctvom externého "
+"poskytovateľa identity (ako Keycloak, Google alebo Authelia). Vyžaduje URL "
+"poskytovateľa, ID klienta a Secret klienta.</p>\n"
+"        \n"
+"        <h5>TOTP (Časovo založené jednorazové heslo)</h5>\n"
+"        <p>Používatelia budú musieť zadať rotujúci token z autentifikačnej "
+"aplikácie. Vyžaduje nastavenie globálneho tajomstva TOTP. <br>Ak je "
+"povolené <strong>Globálne TOTP pred autentifikáciou</strong>, PIN sa "
+"vyžaduje pred používateľským menom a heslom, čo pomáha bojovať proti "
+"útokom hrubou silou.</p>\n"
 "        "
 
-#: gatekeeper/views.py:206
+#: gatekeeper/views.py:210
 msgid "Authentication Method deleted successfully."
 msgstr "Metóda autentifikácie bola úspešne odstránená."
 
-#: gatekeeper/views.py:211
+#: gatekeeper/views.py:215
 msgid "Delete Authentication Method"
 msgstr "Odstrániť metódu autentifikácie"
 
-#: gatekeeper/views.py:213
+#: gatekeeper/views.py:217
 #, python-format
 msgid "Are you sure you want to delete the authentication method \"%(name)s\"?"
 msgstr "Naozaj chcete odstrániť metódu autentifikácie \"%(name)s\"?"
 
-#: gatekeeper/views.py:263
+#: gatekeeper/views.py:267
 msgid "Edit Allowed Domain"
 msgstr "Upraviť povolenú doménu"
 
-#: gatekeeper/views.py:266 templates/gatekeeper/gatekeeper_list.html:186
+#: gatekeeper/views.py:270 templates/gatekeeper/gatekeeper_list.html:186
 msgid "Add Allowed Domain"
 msgstr "Pridať povolenú doménu"
 
-#: gatekeeper/views.py:273
+#: gatekeeper/views.py:277
 msgid "Allowed Domain saved successfully."
 msgstr "Povolená doména bola úspešne uložená."
 
-#: gatekeeper/views.py:295
+#: gatekeeper/views.py:299
 msgid "Allowed Domain deleted successfully."
 msgstr "Povolená doména bola úspešne odstránená."
 
-#: gatekeeper/views.py:300
+#: gatekeeper/views.py:304
 msgid "Delete Allowed Domain"
 msgstr "Odstrániť povolenú doménu"
 
-#: gatekeeper/views.py:302
+#: gatekeeper/views.py:306
 #, python-format
 msgid "Are you sure you want to delete the allowed domain \"%(domain)s\"?"
 msgstr "Naozaj chcete odstrániť povolenú doménu \"%(domain)s\"?"
 
-#: gatekeeper/views.py:316
+#: gatekeeper/views.py:320
 msgid "Edit Allowed Email"
 msgstr "Upraviť povolený e-mail"
 
-#: gatekeeper/views.py:319 templates/gatekeeper/gatekeeper_list.html:183
+#: gatekeeper/views.py:323 templates/gatekeeper/gatekeeper_list.html:183
 msgid "Add Allowed Email"
 msgstr "Pridať povolený e-mail"
 
-#: gatekeeper/views.py:326
+#: gatekeeper/views.py:330
 msgid "Allowed Email saved successfully."
 msgstr "Povolený e-mail bol úspešne uložený."
 
-#: gatekeeper/views.py:348
+#: gatekeeper/views.py:352
 msgid "Allowed Email deleted successfully."
 msgstr "Povolený e-mail bol úspešne odstránený."
 
-#: gatekeeper/views.py:353
+#: gatekeeper/views.py:357
 msgid "Delete Allowed Email"
 msgstr "Odstrániť povolený e-mail"
 
-#: gatekeeper/views.py:355
+#: gatekeeper/views.py:359
 #, python-format
 msgid "Are you sure you want to delete the allowed email \"%(email)s\"?"
 msgstr "Naozaj chcete odstrániť povolený e-mail \"%(email)s\"?"
 
-#: gatekeeper/views.py:369
+#: gatekeeper/views.py:373
 msgid "Edit IP Address"
 msgstr "Upraviť IP adresu"
 
-#: gatekeeper/views.py:372 templates/gatekeeper/gatekeeper_list.html:247
+#: gatekeeper/views.py:376 templates/gatekeeper/gatekeeper_list.html:247
 #: templates/wireguard/wireguard_manage_peer.html:171
 msgid "Add IP Address"
 msgstr "Pridať IP adresu"
 
-#: gatekeeper/views.py:379
+#: gatekeeper/views.py:383
 msgid "IP Address saved successfully."
 msgstr "IP adresa bola úspešne uložená."
 
-#: gatekeeper/views.py:384
+#: gatekeeper/views.py:388
 msgid ""
 "\n"
 "        <h5>IP Address List</h5>\n"
@@ -1571,15 +1586,15 @@ msgstr ""
 "(napr. „Kancelárska sieť“, „Blokovaný útočník“).</p>\n"
 "        "
 
-#: gatekeeper/views.py:420
+#: gatekeeper/views.py:424
 msgid "IP Address deleted successfully."
 msgstr "IP adresa bola úspešne odstránená."
 
-#: gatekeeper/views.py:425
+#: gatekeeper/views.py:429
 msgid "Delete IP Address"
 msgstr "Odstrániť IP adresu"
 
-#: gatekeeper/views.py:427
+#: gatekeeper/views.py:431
 #, python-format
 msgid "Are you sure you want to delete the IP address \"%(address)s\"?"
 msgstr "Naozaj chcete odstrániť IP adresu \"%(address)s\"?"