diff --git a/docs/development/concepts/secure-coding/README.md b/docs/development/concepts/secure-coding/README.md
index d6fa6d85c10c..5ddbe40db850 100644
--- a/docs/development/concepts/secure-coding/README.md
+++ b/docs/development/concepts/secure-coding/README.md
@@ -55,6 +55,8 @@ Implement strong authentication mechanisms for any sensitive credentials to be u
+
+
**Usage at OpenProject**
OpenProject uses industry standard authentication mechanisms that follow the best practices and are the de-facto norm for many organizations:
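Review bot: the two added blank lines before **Usage at OpenProject** produce a double blank line, which markdown renders identically to a single one; a single blank line is enough here and keeps the spacing consistent with the rest of the section (the same double blank line is introduced again in the next hunk).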
@@ -66,6 +68,16 @@ OpenProject uses industry standard authentication mechanisms that follow the bes
+
+
+OpenProject recommends these authenticiation mechanisms:
+
+- For smaller to medium organizations with no centralized authentication mechanism, use the internal username / password authentication mechanism for secure storing of your user's credentials using BCrypt salted cryptographic hash function.
+- For organizations with a centralized and accessible LDAP server, [OpenProject provides LDAP userbind authentication](https://www.openproject.org/docs/system-admin-guide/authentication/ldap-authentication/) to foward the authentication request to your LDAP server. Use TLS or LDAPS encrypted connections to the LDAP server to ensure transport level security. Optionally, synchronize roles and permissions using the [LDAP Group sync functionality](https://www.openproject.org/docs/system-admin-guide/authentication/ldap-authentication/ldap-group-synchronization/).
+- If your organization operates a central authentication services, it is very likely it supports one of the standard remote authentication mechanisms for single sign-on, such as [OpenID connect](https://www.openproject.org/docs/system-admin-guide/authentication/openid-providers/), [SAML](https://www.openproject.org/docs/system-admin-guide/authentication/saml/), or [Kerberos](https://www.openproject.org/docs/system-admin-guide/authentication/kerberos/). Use these mechanisms to ensure a standardized and secure authentication of users without requiring the storage of any credentials at OpenProject while providing a high level of usability due to centralized logins.
+
+
+
**References**
https://cheatsheetseries.owasp.org/cheatsheets/Authentication_Cheat_Sheet.html
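Review bot: several typos in the added recommendation list should be fixed before merge: "authenticiation" → "authentication" in the intro sentence, "foward" → "forward" in the LDAP bullet, "a central authentication services" → "a central authentication service" in the SSO bullet, "your user's credentials" → "your users' credentials", and "OpenID connect" → "OpenID Connect" (the protocol's proper name). On substance, the LDAP bullet's "Use TLS or LDAPS encrypted connections" conflates the two options an admin actually chooses between; suggest "Use STARTTLS or LDAPS" so it is clear that plain LDAP on port 389 can still be upgraded. The first bullet would also read more precisely as "hashing passwords with bcrypt (a salted, adaptive password hashing function)" rather than "secure storing of your user's credentials using BCrypt salted cryptographic hash function", since what is stored is the hash, not the credential. Finally, the three blank lines added before **References** can be collapsed to one.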