Profile & Account

Change Password

Verify your current password, enter the new one twice. Password policy is enforced server-side per security.password_policy in /etc/sysmanage.yaml (length, character classes, history). Passwords are bcrypt-hashed; only the hash is stored.

Multi-Factor Authentication

TOTP-based MFA via any authenticator app (Google Authenticator, 1Password, Authy, Bitwarden). Enrolment flow: scan QR, type 6-digit code to confirm, save your recovery codes (single-use, only shown once). Disabling MFA requires re-entering the current code as proof.

API Tokens

Long-lived tokens for scripted access to /api/* endpoints. Create with a name + expiry; the secret is shown once at creation time then never again. Tokens carry the same permissions as your user; revocation is immediate. Use as Authorization: Bearer <token> on API calls.

Language

UI language picker — supports Arabic, German, English, Spanish, French, Hindi, Italian, Japanese, Korean, Dutch, Portuguese, Russian, Simplified Chinese, Traditional Chinese. Preference is saved on the user record so it persists across browsers / sessions.

My Audit Log

Per-user filtered view of the audit log: every action your account has taken (login, password change, host edits, role assignments, etc.). Useful for verifying recent activity or building a compliance trail.