We are considering Administration -> Authentication page.
As we know in the 1.8 frontend if an user selects any value of "Default authentication" it is preserved in the "profiles" table.
Then this value will be shown when the user visits the page, disregarding on fact that actual authentication stored in a "config" table and it can be different (yes, I know about an visible checkbox).

A value stored in the profiles table:
mysql> SELECT userid, idx, value_int FROM `profiles` WHERE `idx` LIKE '%authentication%';
------------------------------------------

------------------------------------------

------------------------------------------

Where "value_int" it's last time selected authentication_type:
0 - internal (authenticated by Zabbix)
1 - External LDAP
2 - External HTTP

A scenario:
1. Suppose a zabbix super admin using 1.8.x frontend once has selected HTTP (or LDAP is similar example) authentication and left it (without saving changes).
2. He has upgraded to 2.0 version.
3. Once it opened the Administration -> Authentication page (using 2.0 frontend already).
4. He will see that "HTTP" radio-button will be highlighted which should mean the HTTP default authentication, but he knows that actually "Internal" should be highlighted.
5. He clicks on "Internal" button and will see that Save button is not "clickable" (not active).
My guess - the Save button is not active because in the "config" table the current "Internal" auth already defined.

So it's bad behavior which can mislead users.

To solve this case I'm suggesting to not use "profiles" table to store the "idx=web.authentication.config" record at all but use only "config" table to show actual current default authentication method.