diff --git a/.env.example b/.env.example
index 0875d02b..8700e5c7 100644
--- a/.env.example
+++ b/.env.example
@@ -105,7 +105,7 @@ MAIL_FROM_ADDRESS=null
 # authentication checks. That means your proxy is fully responsible of the authentication process, 2FAuth will
 # trust him as long as headers are presents.
 
-AUTHENTICATION_GUARD=
+AUTHENTICATION_GUARD=web-guard
 
 # Name of the HTTP headers sent by the reverse proxy that identifies the authenticated user at proxy level.
 # Check your proxy documentation to find out how these headers are named (i.e 'REMOTE_USER', 'REMOTE_EMAIL', etc...)
diff --git a/Dockerfile b/Dockerfile
index 73c964d9..9024a6f5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -166,15 +166,15 @@ ENV \
     # When using 'reverse-proxy-guard' 2FAuth only look for the dedicated headers and skip all other built-in
     # authentication checks. That means your proxy is fully responsible of the authentication process, 2FAuth will
     # trust him as long as headers are presents.
-    AUTHENTICATION_GUARD= \
+    AUTHENTICATION_GUARD=web-guard \
     # Name of the HTTP headers sent by the reverse proxy that identifies the authenticated user at proxy level.
     # Check your proxy documentation to find out how these headers are named (i.e 'REMOTE_USER', 'REMOTE_EMAIL', etc...)
     # (only relevant when AUTHENTICATION_GUARD is set to 'reverse-proxy-guard')
-    AUTH_PROXY_HEADER_FOR_USER= \
-    AUTH_PROXY_HEADER_FOR_EMAIL= \
+    AUTH_PROXY_HEADER_FOR_USER=null \
+    AUTH_PROXY_HEADER_FOR_EMAIL=null \
     # WebAuthn settings
     # Relying Party name, aka the name of the application. If null, defaults to APP_NAME
-    WEBAUTHN_NAME= \
+    WEBAUTHN_NAME=2FAuth \
     # Relying Party ID. If null, the device will fill it internally.
     # See https://webauthn-doc.spomky-labs.com/pre-requisites/the-relying-party#how-to-determine-the-relying-party-id
     WEBAUTHN_ID= \
@@ -193,7 +193,7 @@ ENV \
     #   'required': Will ALWAYS ask for user verification
     #   'preferred' (default) : Will ask for user verification IF POSSIBLE
     #   'discouraged' : Will NOT ask for user verification (for example, to minimize disruption to the user interaction flow)
-    WEBAUTHN_USER_VERIFICATION= \
+    WEBAUTHN_USER_VERIFICATION=preferred \
     # Use this setting to declare trusted proxied.
     # Supported:
     #   '*': to trust any proxy