sigp · rickimoore · Apr 25, 2023 · Apr 25, 2023 · Apr 26, 2023
diff --git a/book/src/SUMMARY.md b/book/src/SUMMARY.md
@@ -35,6 +35,7 @@
     * [Prometheus Metrics](./advanced_metrics.md)
 * [Lighthouse UI (Siren)](./lighthouse-ui.md)
 	* [Installation](./ui-installation.md)
+    * [Authentication](./ui-authentication.md)
 	* [Configuration](./ui-configuration.md)
 	* [Usage](./ui-usage.md)
 	* [FAQs](./ui-faqs.md)

diff --git a/book/src/imgs/ui-autoconnect-auth.png b/book/src/imgs/ui-autoconnect-auth.png
diff --git a/book/src/imgs/ui-exit.png b/book/src/imgs/ui-exit.png
diff --git a/book/src/imgs/ui-fail-auth.png b/book/src/imgs/ui-fail-auth.png
diff --git a/book/src/imgs/ui-session-auth.png b/book/src/imgs/ui-session-auth.png
diff --git a/book/src/lighthouse-ui.md b/book/src/lighthouse-ui.md
@@ -11,7 +11,7 @@ _Documentation for Siren users and developers._
 
 Siren is a user interface built for Lighthouse that connects to a Lighthouse Beacon Node and
 a Lighthouse Validator Client to monitor performance and display key validator
-metrics. 
+metrics.
 
 The UI is currently in active development. Its resides in the
 [Siren](https://github.com/sigp/siren) repository.
@@ -24,7 +24,8 @@ information:
 - [Installation Guide](./ui-installation.md) - Information to install and run the Lighthouse UI.
 - [Configuration Guide](./ui-configuration.md) - Explanation of how to setup
 	and configure Siren.
-- [Usage](./ui-usage.md) - Details various Siren components. 
+- [Authentication Guide](./ui-authentication.md) - Explanation of how Siren authentication works and protects validator actions.
+- [Usage](./ui-usage.md) - Details various Siren components.
 - [FAQs](./ui-faqs.md) - Frequently Asked Questions.
 
 ## Contributing

diff --git a/book/src/ui-authentication.md b/book/src/ui-authentication.md
@@ -0,0 +1,31 @@
+# Authentication
+
+To enhance the security of your account, we offer the option to set a session password. This additional layer of protection ensures that only authorized individuals can access your account, even in the event of unauthorized device access. In the absence of a session password, Siren will revert to the api-token specified in your configuration settings as the default security measure.
+
+![](imgs/ui-session-auth.png)
+
+Session passwords must contain at least:
+
+- 12 characters
+- 1 lowercase letter
+- 1 uppercase letter
+- 1 number
+- 1 special character
+
+
+## Protected Actions
+
+Prior to executing any sensitive validator action, Siren will request authentication of the session password or api-token.
+
+![](imgs/ui-exit.png)
+
+
+In the event of three consecutive failed attempts, Siren will initiate a security measure by locking all actions and prompting for configuration settings to be renewed to regain access to these features.
+
+![](imgs/ui-fail-auth.png)
+
+## Auto Connect
+
+In the event that auto-connect is enabled, refreshing the Siren application will result in a prompt to authenticate the session password or api-token. If three consecutive authentication attempts fail, Siren will activate a security measure by locking the session and prompting for configuration settings to be reset to regain access.
+
+![](imgs/ui-autoconnect-auth.png)