Your Profile

Your profile page is the hub for managing your personal account settings, security configuration, and notification preferences. Every user — whether regular or admin — has access to their own profile page.

To access your profile, click your avatar in the top-right corner of the dashboard and select your profile, or find Profile in the sidebar under the Account section.

Overview

The profile page is organized into tabs along the top. Each tab focuses on a different aspect of your account:

👤 Profile

Avatar, banner, display name, and email — your identity on the dashboard

🔒 Security

Password management, two-factor authentication, passkeys, and active sessions

🔔 Notification Settings

Control how and where you receive notifications

📬 Notification Center

Your inbox for system and admin notifications

🛠️ Support

Enable remote support access for troubleshooting (admin only)

Profile tab

The Profile tab is where you manage your account identity.

Profile picture and banner

Upload a custom avatar to personalize your account. The dashboard supports PNG, JPG, WEBP, and GIF images up to 2 MB. After selecting a file, you can crop the image before uploading.

You can also upload a profile banner image that appears at the top of your profile.

Account information

View and update your core account details:

Username — Your login name (read-only, set during account creation)
Email — Your email address, used for password resets and notification delivery
Display name — An optional name shown in the dashboard instead of your username

Click Edit Profile to update your email or display name.

Security tab

The Security tab provides comprehensive account protection options.

Password

Change your password from this section. Enter your current password followed by your new password. Strong passwords are recommended — the admin may enforce minimum length and complexity requirements through the registration policy.

CLI alternative

Admins can also reset a user’s password from the command line: qb user password -u username -p newpassword

Two-factor authentication (2FA)

Enable TOTP-based two-factor authentication for an extra layer of account security:

Click Enable 2FA in the Security tab
Scan the QR code with an authenticator app (Google Authenticator, Authy, or any TOTP-compatible app)
Enter the 6-digit code from your authenticator app to confirm
Save the recovery codes that are displayed — store them in a secure location

Once enabled, you will be prompted for a TOTP code each time you log in.

Save your recovery codes

Recovery codes are the only way to regain access to your account if you lose your authenticator device. Each code can be used once. Store them somewhere safe — a password manager is a good choice.

Passkeys (WebAuthn)

Click Add Passkey in the Security tab
Follow your browser’s prompts to register a security key (YubiKey, fingerprint, Face ID, etc.)
Give the passkey a recognizable name

You can register multiple passkeys and remove any that are no longer needed.

Active sessions

View all devices and browsers currently signed into your account. Each session entry shows:

Device and browser — What was used to log in
IP address — Where the session originated
Last active — When the session was last used

Click Revoke next to any session to immediately sign it out. This is useful if you notice an unfamiliar session or left yourself logged in on a shared computer.

Notification Settings tab

Configure how you receive notifications from the dashboard. The notification system supports multiple delivery channels:

Channel	Description
In-App	Notifications appear in your Notification Center inbox and the alerts bell in the top bar
Email	Notifications are delivered to your email address (requires email provider to be configured)
Discord	Notifications are sent to a Discord channel via webhook
Signal	Notifications are sent via the Signal messaging service

For each notification type, you can choose which channels to enable. This lets you receive critical alerts via email while keeping routine notifications in-app only.

Notification Center tab

The Notification Center is your inbox for system and admin notifications. Notifications appear here when:

An admin sends a broadcast or direct notification
A system event triggers a notification (application installed, update available, etc.)
An automated alert rule fires (CPU threshold, disk space, etc.)

Each notification shows a title, message body, and timestamp. You can:

Mark as read — Dismiss the unread indicator
Mark as unread — Flag a notification for follow-up
Dismiss — Remove a notification from your inbox

The alert bell icon in the top bar shows a green dot when you have unread notifications, and clicking it takes you directly to the Notification Center.

Disk usage

Your profile displays a breakdown of your disk storage allocation:

Used space — How much disk space your files and applications consume
Quota — Your allocated storage limit (set by the admin, or unlimited)
Usage bar — A visual progress indicator showing consumption relative to your quota

Quotas

Disk quotas are managed by the server admin. If you are running low on space, contact your admin to request a quota increase, or clean up unused files. Admins can adjust quotas from the User Admin page or via the CLI: qb user quota -u username -o 500GB.

Support tab

Admin only

The Support tab is visible only to admin users with the admin.system.support permission.

The Support tab allows you to enable temporary SSH access for the QuickBox support team. This is used when you need hands-on troubleshooting assistance from the QuickBox team.

Enable support access — Grants the support team temporary SSH access to your server. The access window has an automatic expiry.
Disable support access — Revokes the support team’s access immediately.
Status — Shows whether support access is currently active and when it will expire.

This can also be managed via the CLI with qb support enable, qb support disable, and qb support status.

Best practices

Do

Enable two-factor authentication for stronger account security
Save your 2FA recovery codes in a password manager or secure offline location
Review your active sessions periodically and revoke any you do not recognize
Register at least two passkeys (one as a backup) if you use WebAuthn login
Keep your email address up to date so password resets and notifications work correctly

Don't

Don't share your recovery codes with anyone
Don't leave sessions active on shared or public computers — log out or revoke them from your profile
Don't ignore unfamiliar sessions in your active sessions list — revoke them and change your password
Don't disable 2FA without having another strong authentication method in place

FAQ

Usernames cannot be changed after account creation. Your username is tied to your Linux user account and application file ownership. If you need a different username, ask your admin to create a new account.

Use one of the recovery codes that were provided when you first enabled 2FA. Each code works once. If you have no recovery codes left, contact your server admin to disable 2FA on your account.

Yes. Once you register a passkey, you can use it for passwordless login. The passkey authenticates you using your device's biometric sensor or hardware security key.

Go to the Notification Settings tab and configure the Discord channel. You will need a Discord webhook URL. If the admin has configured a Discord bot integration, notifications can also be delivered through the bot.

The Support tab is visible only to admin users with the admin.system.support permission. Regular users do not have access to this tab.

Getting Started

First-time dashboard orientation and setup

Settings

Server-wide settings including security and sessions

User Management

Admin tools for managing users, roles, and groups

Join the Community

Media server operators sharing configs, getting support, and shaping the future of QuickBox Pro.

Dedicated Support

Feature Previews

Community Configs

Active Discussions

Join Discord Server