diff --git a/docs/images/screenshots/pbs-gui-tfa-add-recovery-keys.png b/docs/images/screenshots/pbs-gui-tfa-add-recovery-keys.png
new file mode 100644
index 00000000..02a401f9
Binary files /dev/null and b/docs/images/screenshots/pbs-gui-tfa-add-recovery-keys.png differ
diff --git a/docs/images/screenshots/pbs-gui-tfa-add-totp.png b/docs/images/screenshots/pbs-gui-tfa-add-totp.png
new file mode 100644
index 00000000..890423e6
Binary files /dev/null and b/docs/images/screenshots/pbs-gui-tfa-add-totp.png differ
diff --git a/docs/images/screenshots/pbs-gui-tfa-login.png b/docs/images/screenshots/pbs-gui-tfa-login.png
new file mode 100644
index 00000000..95646669
Binary files /dev/null and b/docs/images/screenshots/pbs-gui-tfa-login.png differ
diff --git a/docs/user-management.rst b/docs/user-management.rst
index 493e4061..93a79d73 100644
--- a/docs/user-management.rst
+++ b/docs/user-management.rst
@@ -307,6 +307,10 @@ This means that a remote user can never get hold on such a physical object. So,
 even if that user would know your password they cannot successfully
 authenticate as you, as your second factor is missing.
 
+.. image:: images/screenshots/pbs-gui-tfa-login.png
+  :align: right
+  :alt: Add a new user
+
 Available Second Factors
 ~~~~~~~~~~~~~~~~~~~~~~~~
 
@@ -336,6 +340,11 @@ Setup
 .. _user_tfa_setup_totp:
 TOTP
 ^^^^
+
+.. image:: images/screenshots/pbs-gui-tfa-add-totp.png
+  :align: right
+  :alt: Add a new user
+
 There is not server setup required, simply install a TOTP app on your
 smartphone (for example, `FreeOTP <https://freeotp.github.io/>`_) and use the
 Proxmox Backup Server web-interface to add a TOTP factor.
@@ -359,6 +368,10 @@ configuration in the *Access Control* panel.
 Recovery Keys
 ^^^^^^^^^^^^^
 
+.. image:: images/screenshots/pbs-gui-tfa-add-recovery-keys.png
+  :align: right
+  :alt: Add a new user
+
 Recovery key codes do not need any preparation, you can simply create a set of
 recovery keys in the *Access Control* panel.