the grafana one is the most important for users, so direct readers there.

service/prometheus.md

@@ -2943,16 +2943,8 @@ inspect alerts, and issue silences. It's used in our test suite.
 
 ## Authentication
 
-The web interface is protected by HTTP basic authentication backed by
-LDAP. Users with access to LDAP can set a `webPassword` password which
-gets propagated to the server. There is a "fallback" user (hardcoded
-`admin` username, password in Trocla
-(`profile::prometheus::server::password_fallback`) and the password
-manager (under `services/prometheus.torproject.org`) that can be used in
-case the other system fails.
-
-See the [basic authentication in Grafana](howto/grafana#basic-authentication) for more information for
-users.
+Web-based authentication is shared with Grafana, see [the Grafana
+authentication documentation](howto/grafana#authentication).
 
 Polling from the Prometheus servers to the exporters on servers is
 permitted by IP address specifically just for the Prometheus server