diff --git a/app/Http/Controllers/Api/Client/Servers/SubuserController.php b/app/Http/Controllers/Api/Client/Servers/SubuserController.php
index 73a534341..79a90d842 100644
--- a/app/Http/Controllers/Api/Client/Servers/SubuserController.php
+++ b/app/Http/Controllers/Api/Client/Servers/SubuserController.php
@@ -123,6 +123,6 @@ class SubuserController extends ClientApiController
      */
     protected function getDefaultPermissions(Request $request): array
     {
-        return array_merge($request->input('permissions') ?? [], ['websocket.*']);
+        return array_unique(array_merge($request->input('permissions') ?? [], ['websocket.*']));
     }
 }
diff --git a/app/Services/Subusers/SubuserCreationService.php b/app/Services/Subusers/SubuserCreationService.php
index ea8b5c2be..b959aece8 100644
--- a/app/Services/Subusers/SubuserCreationService.php
+++ b/app/Services/Subusers/SubuserCreationService.php
@@ -103,7 +103,7 @@ class SubuserCreationService
             return $this->subuserRepository->create([
                 'user_id' => $user->id,
                 'server_id' => $server->id,
-                'permissions' => $permissions,
+                'permissions' => array_unique($permissions),
             ]);
         });
     }
diff --git a/resources/scripts/components/server/users/UserRow.tsx b/resources/scripts/components/server/users/UserRow.tsx
index c84024603..d419e8fb1 100644
--- a/resources/scripts/components/server/users/UserRow.tsx
+++ b/resources/scripts/components/server/users/UserRow.tsx
@@ -4,6 +4,9 @@ import { FontAwesomeIcon } from '@fortawesome/react-fontawesome';
 import { faPencilAlt } from '@fortawesome/free-solid-svg-icons/faPencilAlt';
 import RemoveSubuserButton from '@/components/server/users/RemoveSubuserButton';
 import EditSubuserModal from '@/components/server/users/EditSubuserModal';
+import { faUnlockAlt } from '@fortawesome/free-solid-svg-icons/faUnlockAlt';
+import { faUserLock } from '@fortawesome/free-solid-svg-icons/faUserLock';
+import classNames from 'classnames';
 
 interface Props {
     subuser: Subuser;
@@ -28,10 +31,29 @@ export default ({ subuser }: Props) => {
             <div className={'ml-4 flex-1'}>
                 <p className={'text-sm'}>{subuser.email}</p>
             </div>
+            <div className={'ml-4'}>
+                <p className={'font-medium text-center'}>
+                    &nbsp;
+                    <FontAwesomeIcon
+                        icon={subuser.twoFactorEnabled ? faUserLock : faUnlockAlt}
+                        className={classNames('fa-fw', {
+                            'text-red-400': !subuser.twoFactorEnabled,
+                        })}
+                    />
+                    &nbsp;
+                </p>
+                <p className={'text-2xs text-neutral-500 uppercase'}>2FA Enabled</p>
+            </div>
+            <div className={'ml-4'}>
+                <p className={'font-medium text-center'}>
+                    {subuser.permissions.filter(permission => permission !== 'websocket.*').length}
+                </p>
+                <p className={'text-2xs text-neutral-500 uppercase'}>Permissions</p>
+            </div>
             <button
                 type={'button'}
                 aria-label={'Edit subuser'}
-                className={'block text-sm p-2 text-neutral-500 hover:text-neutral-100 transition-colors duration-150 mr-4'}
+                className={'block text-sm p-2 text-neutral-500 hover:text-neutral-100 transition-colors duration-150 mx-4'}
                 onClick={() => setVisible(true)}
             >
                 <FontAwesomeIcon icon={faPencilAlt}/>