diff --git a/cmd/config.go b/cmd/config.go
index ce8ebdb7..888a3fa6 100644
--- a/cmd/config.go
+++ b/cmd/config.go
@@ -44,15 +44,37 @@ func addConfigFlags(flags *pflag.FlagSet) {
 	flags.Bool("branding.disableExternal", false, "disable external links such as GitHub links")
 }
 
-func getAuthentication(flags *pflag.FlagSet) (settings.AuthMethod, auth.Auther) {
+func getAuthentication(flags *pflag.FlagSet, defaults ...interface{}) (settings.AuthMethod, auth.Auther) {
 	method := settings.AuthMethod(mustGetString(flags, "auth.method"))
 
+	var defaultAuther map[string]interface{}
+	if len(defaults) > 0 {
+		if hasAuth := defaults[0]; hasAuth != true {
+			for _, arg := range defaults {
+				switch def := arg.(type) {
+				case *settings.Settings:
+					method = settings.AuthMethod(def.AuthMethod)
+				case auth.Auther:
+					ms, err := json.Marshal(def)
+					checkErr(err)
+					json.Unmarshal(ms, &defaultAuther)
+				}
+			}
+		}
+	}
+
 	var auther auth.Auther
 	if method == auth.MethodProxyAuth {
 		header := mustGetString(flags, "auth.header")
+
 		if header == "" {
-			panic(nerrors.New("you must set the flag 'auth.header' for method 'proxy'"))
+			header = defaultAuther["header"].(string)
 		}
+
+		if header == "" {
+			checkErr(nerrors.New("you must set the flag 'auth.header' for method 'proxy'"))
+		}
+
 		auther = &auth.ProxyAuth{Header: header}
 	}
 
@@ -62,17 +84,28 @@ func getAuthentication(flags *pflag.FlagSet) (settings.AuthMethod, auth.Auther)
 
 	if method == auth.MethodJSONAuth {
 		jsonAuth := &auth.JSONAuth{}
-
 		host := mustGetString(flags, "recaptcha.host")
 		key := mustGetString(flags, "recaptcha.key")
 		secret := mustGetString(flags, "recaptcha.secret")
 
-		if key != "" && secret != "" {
-			jsonAuth.ReCaptcha = &auth.ReCaptcha{
-				Host:   host,
-				Key:    key,
-				Secret: secret,
-			}
+		if key == "" {
+			kmap := defaultAuther["recaptcha"].(map[string]interface{})
+			key = kmap["key"].(string)
+		}
+
+		if secret == "" {
+			smap := defaultAuther["recaptcha"].(map[string]interface{})
+			secret = smap["secret"].(string)
+		}
+
+		if key == "" || secret == "" {
+			checkErr(nerrors.New("you must set the flag 'recaptcha.key' and 'recaptcha.secret' for method 'json'"))
+		}
+
+		jsonAuth.ReCaptcha = &auth.ReCaptcha{
+			Host:   host,
+			Key:    key,
+			Secret: secret,
 		}
 
 		auther = jsonAuth
diff --git a/cmd/config_set.go b/cmd/config_set.go
index 5b417140..9b49b234 100644
--- a/cmd/config_set.go
+++ b/cmd/config_set.go
@@ -3,7 +3,6 @@ package cmd
 import (
 	"strings"
 
-	"github.com/filebrowser/filebrowser/v2/auth"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
 )
@@ -63,16 +62,15 @@ you want to change. Other options will remain unchanged.`,
 
 		getUserDefaults(flags, &set.Defaults, false)
 
-		var auther auth.Auther
-		if hasAuth {
-			set.AuthMethod, auther = getAuthentication(flags)
-			err = d.store.Auth.Save(auther)
-			checkErr(err)
-		} else {
-			auther, err = d.store.Auth.Get(set.AuthMethod)
-			checkErr(err)
-		}
+		// read the defaults
+		auther, err := d.store.Auth.Get(set.AuthMethod)
+		checkErr(err)
 
+		// check if there are new flags for existing auth method
+		set.AuthMethod, auther = getAuthentication(flags, hasAuth, set, auther)
+
+		err = d.store.Auth.Save(auther)
+		checkErr(err)
 		err = d.store.Settings.Save(set)
 		checkErr(err)
 		err = d.store.Settings.SaveServer(ser)