- Add Description field - should username be encrypted via a session token or something - - who has the key, resetting global user password should still be possible
