diff --git a/doc/user/profile/account/two_factor_authentication.md b/doc/user/profile/account/two_factor_authentication.md
index 69dfad829b4..df413a11af0 100644
--- a/doc/user/profile/account/two_factor_authentication.md
+++ b/doc/user/profile/account/two_factor_authentication.md
@@ -162,8 +162,7 @@ a new set of recovery codes with SSH.
 1. Run `ssh git@gitlab.example.com 2fa_recovery_codes`.
 1. You are prompted to confirm that you want to generate new codes. Continuing this process invalidates previously saved codes.
 
-    ```
-    bash
+    ```sh
     $ ssh git@gitlab.example.com 2fa_recovery_codes
     Are you sure you want to generate new two-factor recovery codes?
     Any existing recovery codes you saved will be invalidated. (yes/no)
@@ -208,17 +207,17 @@ Sign in and re-enable two-factor authentication as soon as possible.
 - You need to take special care to that 2FA keeps working after
   [restoring a GitLab backup](../../../raketasks/backup_restore.md).
 - To ensure 2FA authorizes correctly with TOTP server, you may want to ensure
-  your GitLab server's time is synchronized via a service like NTP.  Otherwise,
+  your GitLab server's time is synchronized via a service like NTP. Otherwise,
   you may have cases where authorization always fails because of time differences.
 - The GitLab U2F implementation does _not_ work when the GitLab instance is accessed from
   multiple hostnames, or FQDNs. Each U2F registration is linked to the _current hostname_ at
   the time of registration, and cannot be used for other hostnames/FQDNs.
 
-    For example, if a user is trying to access a GitLab instance from `first.host.xyz` and `second.host.xyz`:
+  For example, if a user is trying to access a GitLab instance from `first.host.xyz` and `second.host.xyz`:
 
-    - The user logs in via `first.host.xyz` and registers their U2F key.
-    - The user logs out and attempts to log in via `first.host.xyz` - U2F authentication succeeds.
-    - The user logs out and attempts to log in via `second.host.xyz` - U2F authentication fails, because
+  - The user logs in via `first.host.xyz` and registers their U2F key.
+  - The user logs out and attempts to log in via `first.host.xyz` - U2F authentication succeeds.
+  - The user logs out and attempts to log in via `second.host.xyz` - U2F authentication fails, because
     the U2F key has only been registered on `first.host.xyz`.
 
 [Google Authenticator]: https://support.google.com/accounts/answer/1066447?hl=en