diff --git a/nginx.conf b/nginx.conf
index d07794342b..0ba4244fde 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -129,7 +129,7 @@ server {
             rewrite admin/api/(.*)                                  /admin/api/index.php last;
 
             # Administration pages
-            rewrite admin/(attachments|backup|backup/export|backup/restore|configuration|elasticsearch|export|import|instance/edit|instance/update|instances|password|session-keep-alive|stopwords|system|update) /admin/front.php last;
+            rewrite admin/(attachments|backup|backup/export|backup/restore|configuration|elasticsearch|export|import|instance/edit|instance/update|instances|password|session-keep-alive|stopwords|system|update|user) /admin/front.php last;
 
             # REST API v3.0 and v3.1
             rewrite ^api/v3\.[01]/(.*)                              /api/index.php last;
diff --git a/phpmyfaq/.htaccess b/phpmyfaq/.htaccess
index c7c500ea7e..bb12ac2661 100644
--- a/phpmyfaq/.htaccess
+++ b/phpmyfaq/.htaccess
@@ -143,7 +143,7 @@ Header set Access-Control-Allow-Headers "Content-Type, Authorization"
     # Administration API
     RewriteRule ^admin/api/(.*) admin/api/index.php [L,QSA]
     # Administration pages
-    RewriteRule ^admin/(attachments|backup|backup/export|backup/restore|configuration|elasticsearch|export|import|instance/edit|instance/update|instances|password|session-keep-alive|stopwords|system|update) admin/front.php [L,QSA]
+    RewriteRule ^admin/(attachments|backup|backup/export|backup/restore|configuration|elasticsearch|export|import|instance/edit|instance/update|instances|password|session-keep-alive|stopwords|system|update|user) admin/front.php [L,QSA]
     # Private APIs
     RewriteRule ^api/(autocomplete|bookmark/delete|bookmark/create|user/data/update|user/password/update|user/request-removal|user/remove-twofactor|contact|voting|register|captcha|share|comment/create|faq/create|question/create|webauthn/prepare|webauthn/register|webauthn/prepare-login|webauthn/login) api/index.php [L,QSA]
     # Setup APIs
diff --git a/phpmyfaq/admin/assets/src/user/users.js b/phpmyfaq/admin/assets/src/user/users.js
index 41fb9fb939..7261290d9a 100644
--- a/phpmyfaq/admin/assets/src/user/users.js
+++ b/phpmyfaq/admin/assets/src/user/users.js
@@ -51,12 +51,12 @@ const setUserData = async (userId) => {
     const superAdmin = document.getElementById('is_superadmin');
     superAdmin.setAttribute('checked', 'checked');
     document.querySelectorAll('.permission').forEach((checkbox) => {
-      checkbox.setAttribute('disabled', '');
+      checkbox.removeAttribute('disabled');
     });
     document.querySelectorAll('#pmf-user-rights-save').forEach((element) => {
-      element.setAttribute('disabled', '');
+      element.removeAttribute('disabled');
     });
-    document.getElementById('checkAll').setAttribute('disabled', '');
+    document.getElementById('checkAll').removeAttribute('disabled');
   } else {
     const superAdmin = document.getElementById('is_superadmin');
     superAdmin.removeAttribute('checked');
@@ -74,6 +74,8 @@ const setUserData = async (userId) => {
   }
   const saveUser = document.getElementById('pmf-user-save');
   saveUser.classList.remove('disabled');
+
+  window.history.pushState({}, '', `./user/edit/${userId}`);
 };
 
 const setUserRights = async (userId) => {
@@ -143,10 +145,10 @@ export const handleUsers = async () => {
     isSuperAdmin.addEventListener('click', () => {
       if (isSuperAdmin.checked) {
         document.querySelectorAll('.permission').forEach((checkbox) => {
-          checkbox.setAttribute('disabled', '');
+          checkbox.removeAttribute('disabled');
         });
         document.querySelectorAll('#pmf-user-rights-save').forEach((element) => {
-          element.setAttribute('disabled', '');
+          element.removeAttribute('disabled');
         });
         document.getElementById('checkAll').setAttribute('disabled', '');
       } else {
@@ -154,9 +156,9 @@ export const handleUsers = async () => {
           checkbox.removeAttribute('disabled');
         });
         document.querySelectorAll('#pmf-user-rights-save').forEach((element) => {
-          element.removeAttribute('disabled', '');
+          element.removeAttribute('disabled');
         });
-        document.getElementById('checkAll').removeAttribute('disabled', '');
+        document.getElementById('checkAll').removeAttribute('disabled');
       }
     });
   }
diff --git a/phpmyfaq/admin/header.php b/phpmyfaq/admin/header.php
index 814319eab0..7ba8c7f455 100644
--- a/phpmyfaq/admin/header.php
+++ b/phpmyfaq/admin/header.php
@@ -48,7 +48,8 @@
 $secLevelEntries['user'] = $adminHelper->addMenuEntry(
     'add_user+edit_user+delete_user',
     'user',
-    'ad_menu_user_administration'
+    'ad_menu_user_administration',
+    'user'
 );
 if ($faqConfig->get('security.permLevel') !== 'basic') {
     $secLevelEntries['user'] .= $adminHelper->addMenuEntry(
diff --git a/phpmyfaq/admin/index.php b/phpmyfaq/admin/index.php
index b8e3b42212..15ac6366d6 100755
--- a/phpmyfaq/admin/index.php
+++ b/phpmyfaq/admin/index.php
@@ -21,7 +21,6 @@
 
 use phpMyFAQ\Administration\AdminLog;
 use phpMyFAQ\Attachment\AttachmentFactory;
-use phpMyFAQ\Configuration;
 use phpMyFAQ\Faq;
 use phpMyFAQ\Filter;
 use phpMyFAQ\Language;
@@ -242,13 +241,6 @@
 //
 [$currentAdminUser, $currentAdminGroups] = CurrentUser::getCurrentUserGroupId($user);
 
-// are we running a PMF export file request?
-switch ($action) {
-    case 'reportexport':
-        require 'report.export.php';
-        exit();
-}
-
 // Header of the admin page including the navigation
 require 'header.php';
 
@@ -265,9 +257,6 @@
         // the various sections of the admin area
         switch ($action) {
             // functions for user administration
-            case 'user':
-                require 'user.php';
-                break;
             case 'group':
                 require 'group.php';
                 break;
diff --git a/phpmyfaq/admin/user.php b/phpmyfaq/admin/user.php
deleted file mode 100755
index fb36e89fd4..0000000000
--- a/phpmyfaq/admin/user.php
+++ /dev/null
@@ -1,191 +0,0 @@
-<?php
-
-/**
- * Displays the user management frontend.
- *
- * This Source Code Form is subject to the terms of the Mozilla Public License,
- * v. 2.0. If a copy of the MPL was not distributed with this file, You can
- * obtain one at https://mozilla.org/MPL/2.0/.
- *
- * @package   phpMyFAQ
- * @author    Lars Tiedemann <php@larstiedemann.de>
- * @author    Uwe Pries <uwe.pries@digartis.de>
- * @author    Sarah Hermann <sayh@gmx.de>
- * @author    Thorsten Rinne <thorsten@phpmyfaq.de>
- * @copyright 2005-2024 phpMyFAQ Team
- * @license   https://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
- * @link      https://www.phpmyfaq.de
- * @since     2005-12-15
- */
-
-use phpMyFAQ\Enums\PermissionType;
-use phpMyFAQ\Filter;
-use phpMyFAQ\Pagination;
-use phpMyFAQ\Session\Token;
-use phpMyFAQ\Template\Extensions\PermissionTranslationTwigExtension;
-use phpMyFAQ\Template\TwigWrapper;
-use phpMyFAQ\Translation;
-use phpMyFAQ\User\CurrentUser;
-
-if (!defined('IS_VALID_PHPMYFAQ')) {
-    http_response_code(400);
-    exit();
-}
-
-if (
-    !$user->perm->hasPermission($user->getUserId(), PermissionType::USER_EDIT->value) ||
-    !$user->perm->hasPermission($user->getUserId(), PermissionType::USER_DELETE->value) ||
-    !$user->perm->hasPermission($user->getUserId(), PermissionType::USER_ADD->value)
-) {
-    require __DIR__ . '/no-permission.php';
-    exit();
-}
-
-$templateVars = [];
-
-$userId = Filter::filterInput(INPUT_GET, 'user_id', FILTER_VALIDATE_INT);
-
-// set some parameters
-$selectSize = 10;
-$defaultUserAction = 'list';
-$userActionList = [
-    'list',
-    'listallusers'
-];
-
-// what shall we do?
-// actions defined by url: user_action=
-$userAction = Filter::filterInput(INPUT_GET, 'user_action', FILTER_SANITIZE_SPECIAL_CHARS, $defaultUserAction);
-$currentUser = new CurrentUser($faqConfig);
-
-// show a list of all users
-if ($userAction == 'listallusers') {
-    if (!$user->perm->hasPermission($user->getUserId(), PermissionType::USER_EDIT->value)) {
-        require __DIR__ . '/no-permission.php';
-        exit();
-    }
-    $allUsers = $user->getAllUsers(false);
-    $numUsers = is_countable($allUsers) ? count($allUsers) : 0;
-    $page = Filter::filterInput(INPUT_GET, 'page', FILTER_VALIDATE_INT, 0);
-    $perPage = 10;
-    $numPages = ceil($numUsers / $perPage);
-    $lastPage = $page * $perPage;
-    $firstPage = $lastPage - $perPage;
-
-    $baseUrl = sprintf(
-        '%sadmin/?action=user&amp;user_action=listallusers&amp;page=%d',
-        $faqConfig->getDefaultUrl(),
-        $page
-    );
-
-    // Pagination options
-    $options = [
-        'baseUrl' => $baseUrl,
-        'total' => $numUsers,
-        'perPage' => $perPage,
-        'pageParamName' => 'page',
-    ];
-    $pagination = new Pagination($options);
-
-    $counter = $displayedCounter = 0;
-    $users = [];
-    foreach ($allUsers as $listedUserId) {
-        $user->getUserById($listedUserId, true);
-        $tempUser = [];
-
-        if ($displayedCounter >= $perPage) {
-            continue;
-        }
-        ++$counter;
-        if ($counter <= $firstPage) {
-            continue;
-        }
-        ++$displayedCounter;
-
-        $tempUser = [
-            'display_name' => $user->getUserData('display_name'),
-            'id' => $user->getUserId(),
-            'email' => $user->getUserData('email'),
-            'status' => $user->getStatus(),
-            'isSuperAdmin' => $user->isSuperAdmin(),
-            'isVisible' => $user->getUserData('is_visible'),
-            'login' => $user->getLogin()
-        ];
-
-        $users[] = $tempUser;
-    }
-
-    $user = CurrentUser::getCurrentUser($faqConfig);
-
-    $templateVars = [
-        ...$templateVars,
-        'perPage' => $perPage,
-        'numUsers' => $numUsers,
-        'pagination' => $pagination->render(),
-        'users' => $users,
-        'userIsSuperAdmin' => $user->isSuperAdmin()
-    ];
-}
-
-$templateVars = [
-    ...$templateVars,
-    'userAction' => $userAction,
-    'ad_user' => Translation::get('ad_user'),
-    'permissionAddUser' => $currentUser->perm->hasPermission($user->getUserId(), PermissionType::USER_ADD->value),
-    'ad_user_add' => Translation::get('ad_user_add'),
-    'permissionEditUser' => $currentUser->perm->hasPermission($user->getUserId(), PermissionType::USER_EDIT->value),
-    'list_all_users' => Translation::get('list_all_users'),
-    'userId' => $userId,
-    'msgSearch' => Translation::get('msgSearch'),
-    'ad_auth_user' => Translation::get('ad_auth_user'),
-    'ad_user_profou' => Translation::get('ad_user_profou'),
-    'csrfToken_updateUserData' => Token::getInstance($container->get('session'))->getTokenString('update-user-data'),
-    'msgAuthenticationSource' => Translation::get('msgAuthenticationSource'),
-    'ad_user_status' => Translation::get('ad_user_status'),
-    'ad_user_active' => Translation::get('ad_user_active'),
-    'ad_user_blocked' => Translation::get('ad_user_blocked'),
-    'ad_user_protected' => Translation::get('ad_user_protected'),
-    'msgRealname' => Translation::get('msgRealname'),
-    'msgEmail' => Translation::get('msgEmail'),
-    'ad_user_is_superadmin' => Translation::get('ad_user_is_superadmin'),
-    'ad_user_overwrite_passwd' => Translation::get('ad_user_overwrite_passwd'),
-    'ad_user_overwrite_twofactor' => Translation::get('ad_user_overwrite_twofactor'),
-    'ad_user_delete' => Translation::get('ad_user_delete'),
-    'ad_gen_save' => Translation::get('ad_gen_save'),
-    'csrfToken_updateUserRights' => Token::getInstance($container->get('session'))->getTokenString('update-user-rights'),
-    'ad_user_rights' => Translation::get('ad_user_rights'),
-    'ad_user_checkall' => Translation::get('ad_user_checkall'),
-    'ad_user_uncheckall' => Translation::get('ad_user_uncheckall'),
-    'userRights' => $user->perm->getAllRightsData(),
-    'msgExportUsersAsCSV' => Translation::get('msgExportUsersAsCSV'),
-    'msgNewContentName' => Translation::get('msgNewContentName'),
-    'msgNewContentMail' => Translation::get('msgNewContentMail'),
-    'ad_user_is_visible' => Translation::get('ad_user_is_visible'),
-    'ad_user_edit' => Translation::get('ad_user_edit'),
-    'csrfToken_activateUser' => Token::getInstance($container->get('session'))->getTokenString('activate-user'),
-    'ad_news_set_active' => Translation::get('ad_news_set_active'),
-    'permissionDeleteUser' =>
-        $currentUser->perm->hasPermission($user->getUserId(), PermissionType::USER_DELETE->value),
-    'csrfToken_deleteUser' => Token::getInstance($container->get('session'))->getTokenString('delete-user'),
-    'ad_adus_adduser' => Translation::get('ad_adus_adduser'),
-    'csrfToken_addUser' => Token::getInstance($container->get('session'))->getTokenString('add-user'),
-    'ad_adus_name' => Translation::get('ad_adus_name'),
-    'ad_add_user_change_password' => Translation::get('ad_add_user_change_password'),
-    'ad_adus_password' => Translation::get('ad_adus_password'),
-    'ad_passwd_con' => Translation::get('ad_passwd_con'),
-    'ad_gen_cancel' => Translation::get('ad_gen_cancel'),
-    'ad_menu_passwd' => Translation::get('ad_menu_passwd'),
-    'csrfToken_overwritePassword' => Token::getInstance($container->get('session'))->getTokenString('overwrite-password'),
-    'ad_passwd_new' => Translation::get('ad_passwd_new'),
-    'msgWarning' => Translation::get('msgWarning'),
-    'ad_gen_yes' => Translation::get('ad_gen_yes'),
-    'ad_gen_no' => Translation::get('ad_gen_no'),
-    'ad_user_deleteUser' => Translation::get('ad_user_deleteUser'),
-    'msgUserList' => Translation::get('msgUserList')
-];
-
-$twig = new TwigWrapper(PMF_ROOT_DIR . '/assets/templates');
-$twig->addExtension(new PermissionTranslationTwigExtension());
-$template = $twig->loadTemplate('@admin/user/users.twig');
-
-echo $template->render($templateVars);
diff --git a/phpmyfaq/assets/templates/admin/header.twig b/phpmyfaq/assets/templates/admin/header.twig
index 4f6a042a94..0afaa2bbbe 100644
--- a/phpmyfaq/assets/templates/admin/header.twig
+++ b/phpmyfaq/assets/templates/admin/header.twig
@@ -106,7 +106,7 @@
 
           <!-- User -->
           {% if secondLevelEntries['user'] != '' %}
-          <a class="nav-link {{ userPage ? '' : 'collapsed' }}" href="?action=user" data-bs-toggle="collapse"
+          <a class="nav-link {{ userPage ? '' : 'collapsed' }}" href="./user" data-bs-toggle="collapse"
              data-bs-target="#collapseUsers" aria-expanded="false" aria-controls="collapseUsers">
             <div class="pmf-admin-nav-link-icon"><i aria-hidden="true" class="bi bi-person h6"></i></div>
             {{ menuUsers }}
diff --git a/phpmyfaq/assets/templates/admin/index.twig b/phpmyfaq/assets/templates/admin/index.twig
index 030d2a5135..077350fb0f 100644
--- a/phpmyfaq/assets/templates/admin/index.twig
+++ b/phpmyfaq/assets/templates/admin/index.twig
@@ -106,7 +106,7 @@
 
             <!-- User -->
             {% if secondLevelEntries['user'] != '' %}
-              <a class="nav-link {{ userPage ? '' : 'collapsed' }}" href="?action=user" data-bs-toggle="collapse"
+              <a class="nav-link {{ userPage ? '' : 'collapsed' }}" href="./user" data-bs-toggle="collapse"
                  data-bs-target="#collapseUsers" aria-expanded="false" aria-controls="collapseUsers">
                 <div class="pmf-admin-nav-link-icon"><i aria-hidden="true" class="bi bi-person h6"></i></div>
                 {{ menuUsers }}
@@ -258,7 +258,7 @@
         <div class="modal-content">
           <div class="modal-header">
             <h1 class="modal-title fs-5" id="sessionWarningModalLabel">
-              {{ msgSessionExpiringSoon }}
+              {{ 'msgSessionExpiringSoon' | translate }}
             </h1>
             <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
           </div>
@@ -267,10 +267,10 @@
           </div>
           <div class="modal-footer">
             <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">
-              {{ msgNoLogMeOut }}
+              {{ 'msgNoLogMeOut' | translate }}
             </button>
             <button type="button" class="btn btn-primary" id="pmf-button-reload-page">
-              {{ msgYesKeepMeLoggedIn }}
+              {{ 'msgYesKeepMeLoggedIn' | translate }}
             </button>
           </div>
         </div>
diff --git a/phpmyfaq/assets/templates/admin/user/modals.twig b/phpmyfaq/assets/templates/admin/user/modals.twig
new file mode 100644
index 0000000000..a3941438b7
--- /dev/null
+++ b/phpmyfaq/assets/templates/admin/user/modals.twig
@@ -0,0 +1,211 @@
+<!-- Modal to overwrite password -->
+<div class="modal fade" id="pmf-modal-user-password-overwrite">
+  <div class="modal-dialog">
+    <div class="modal-content">
+      <div class="modal-header">
+        <h4>{{ 'ad_menu_passwd' | translate }}</h4>
+        <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
+      </div>
+      <div class="modal-body">
+        <form action="#" method="post" accept-charset="utf-8" autocomplete="off">
+          <input type="hidden" name="csrf" id="modal_csrf"
+                 value="{{ csrfToken_overwritePassword }}" />
+          <input type="hidden" name="user_id" id="modal_user_id" value="{{ userId }}" />
+
+          <div class="row mb-2">
+            <label class="col-5 col-form-label" for="npass">
+              {{ 'ad_passwd_new' | translate }}
+            </label>
+            <div class="col-7">
+              <div class="input-group">
+                <input type="password" autocomplete="off" name="npass" id="npass" class="form-control"
+                       data-pmf-toggle="npass_togglePassword" required>
+                <span class="input-group-text" id="npass_togglePassword">
+                  <i class="bi bi-eye-slash" id="npass_togglePassword_icon"></i>
+                </span>
+              </div>
+            </div>
+          </div>
+
+          <div class="row mb-2">
+            <label class="col-5 col-form-label" for="bpass">
+              {{ 'ad_passwd_con' | translate }}
+            </label>
+            <div class="col-7">
+              <div class="input-group">
+                <input type="password" autocomplete="off" name="bpass" id="bpass" class="form-control"
+                       data-pmf-toggle="bpass_togglePassword" required>
+                <span class="input-group-text" id="bpass_togglePassword">
+                  <i class="bi bi-eye-slash" id="bpass_togglePassword_icon"></i>
+                </span>
+              </div>
+            </div>
+          </div>
+        </form>
+      </div>
+      <div class="modal-footer">
+        <button class="btn btn-primary" id="pmf-user-password-overwrite-action">
+          {{ 'ad_user_overwrite_passwd' | translate }}
+        </button>
+      </div>
+    </div>
+  </div>
+</div>
+
+{% if permissionAddUser == true %}
+  <!-- Modal to add a new user -->
+<div class="modal fade" id="addUserModal" tabindex="-1" role="dialog" aria-labelledby="addUserModalLabel"
+     aria-hidden="true">
+  <div class="modal-dialog modal-lg" role="document">
+    <div class="modal-content">
+      <div class="modal-header">
+        <h5 class="modal-title" id="addUserModalLabel">
+          <i aria-hidden="true" class="bi bi-person-plus"></i> {{ 'ad_adus_adduser' | translate }}
+        </h5>
+        <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
+      </div>
+      <div class="modal-body">
+        <form action="#" method="post" role="form" id="pmf-add-user-form" class="needs-validation" autocomplete="off"
+              novalidate>
+
+          <input type="hidden" id="add_user_csrf" name="add_user_csrf"
+                 value="{{ csrfToken_addUser }}" />
+
+          <div class="alert alert-danger d-none" id="pmf-add-user-error-message"></div>
+
+          <div class="row mb-2">
+            <label class="col-lg-4 col-form-label" for="add_user_name">
+              {{ 'ad_adus_name' | translate }}
+            </label>
+            <div class="col-lg-8">
+              <input type="text" name="add_user_name" id="add_user_name" required tabindex="1" class="form-control">
+            </div>
+          </div>
+
+          <div class="row mb-2">
+            <label class="col-lg-4 col-form-label"
+                   for="add_user_realname">{{ 'msgRealname' | translate }}</label>
+            <div class="col-lg-8">
+              <input type="text" name="add_user_realname" id="add_user_realname" required tabindex="2"
+                     class="form-control">
+            </div>
+          </div>
+
+          <div class="row mb-2">
+            <label class="col-lg-4 col-form-label" for="add_user_email">
+              {{ 'msgEmail' | translate }}
+            </label>
+            <div class="col-lg-8">
+              <input type="email" name="user_email" id="add_user_email" required tabindex="3" class="form-control">
+            </div>
+          </div>
+
+          <div class="row mb-2">
+            <div class="col-lg-4"></div>
+            <div class="col-lg-8">
+              <div class="form-check">
+                <input class="form-check-input" type="checkbox" id="add_user_automatic_password"
+                       name="add_user_automatic_password" value="">
+                <label class="form-check-label" for="add_user_automatic_password">
+                  {{ 'ad_add_user_change_password' | translate }}
+                </label>
+              </div>
+            </div>
+          </div>
+
+          <div id="add_user_show_password_inputs">
+            <div class="row mb-2">
+              <label class="col-lg-4 col-form-label"
+                     for="add_user_password">{{ 'ad_adus_password' | translate }}</label>
+              <div class="col-lg-8">
+                <div class="input-group">
+                  <input type="password" name="add_user_password" id="add_user_password" class="form-control"
+                         minlength="8" autocomplete="off" tabindex="4"
+                         data-pmf-toggle="add_user_password_togglePassword">
+                  <span class="input-group-text" id="add_user_password_togglePassword">
+                    <i class="bi bi-eye-slash" id="add_user_password_togglePassword_icon"></i>
+                  </span>
+                </div>
+              </div>
+            </div>
+
+            <div class="row mb-2">
+              <label class="col-lg-4 col-form-label"
+                     for="add_user_password_confirm">{{ 'ad_passwd_con' | translate }}</label>
+              <div class="col-lg-8">
+                <div class="input-group">
+                  <input type="password" name="add_user_password_confirm" id="add_user_password_confirm" minlength="8"
+                         class="form-control" autocomplete="off" tabindex="5"
+                         data-pmf-toggle="add_user_password_confirm_togglePassword">
+                  <span class="input-group-text" id="add_user_password_confirm_togglePassword">
+                    <i class="bi bi-eye-slash" id="add_user_password_confirm_togglePassword_icon"></i>
+                  </span>
+                </div>
+              </div>
+            </div>
+          </div>
+
+          {% if userIsSuperAdmin == true %}
+            <div class="row mb-2">
+              <div class="col-lg-4"></div>
+              <div class="col-lg-8">
+                <div class="form-check">
+                  <input class="form-check-input" type="checkbox" id="add_user_is_superadmin"
+                         name="user_is_superadmin">
+                  <label class="form-check-label" for="add_user_is_superadmin">
+                    {{ 'ad_user_is_superadmin' | translate }}
+                  </label>
+                </div>
+              </div>
+            </div>
+          {% endif %}
+
+        </form>
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">
+          {{ 'ad_gen_cancel' | translate }}
+        </button>
+        <button type="button" class="btn btn-primary" id="pmf-add-user-action">
+          {{ 'ad_gen_save' | translate }}
+        </button>
+      </div>
+    </div>
+  </div>
+</div>
+{% endif %}
+
+{% if permissionDeleteUser == true %}
+<!-- Modal to confirm deleting a user -->
+<div class="modal fade" id="pmf-modal-user-confirm-delete">
+  <div class="modal-dialog">
+    <div class="modal-content">
+      <div class="modal-header">
+        <h4><i class="bi bi-exclamation-triangle"></i> {{ 'msgWarning' | translate }}</h4>
+        <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
+      </div>
+      <div class="modal-body">
+        <form action="#" method="post" accept-charset="utf-8" autocomplete="off">
+          <input type="hidden" name="csrf" id="csrf-token-delete-user"
+                 value="{{ csrfToken_deleteUser }}" />
+          <input type="hidden" name="user_id" id="pmf-user-id-delete" value="" />
+          <input type="hidden" name="source_page" id="source_page" value="" />
+
+          <div class="row mb-2">
+            <p>{{ 'ad_user_deleteUser' | translate }} '<span id="pmf-username-delete"></span>'?</p>
+          </div>
+
+          <div class="modal-footer">
+            <button type="button" class="btn btn-outline-success" data-bs-dismiss="modal">
+              {{ 'ad_gen_no' | translate }}
+            </button>
+            <button class="btn btn-danger" id="pmf-delete-user-yes" data-bs-dismiss="modal">
+              {{ 'ad_gen_yes' | translate }}
+            </button>
+          </div>
+        </form>
+      </div>
+    </div>
+  </div>
+</div>
+{% endif %}
diff --git a/phpmyfaq/assets/templates/admin/user/user-list.twig b/phpmyfaq/assets/templates/admin/user/user-list.twig
new file mode 100644
index 0000000000..ea8cea92fa
--- /dev/null
+++ b/phpmyfaq/assets/templates/admin/user/user-list.twig
@@ -0,0 +1,106 @@
+{% extends '@admin/index.twig' %}
+
+{% block content %}
+  <div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
+    <h1 class="h2">
+      <i class="bi bi-people"></i>
+      {{ 'msgUserList' | translate }}
+    </h1>
+    <div class="btn-toolbar mb-2 mb-md-0">
+      <div class="btn-group mr-2">
+        <a class="btn btn-outline-primary" href="./user">
+          <i class="bi bi-three-dots" aria-label="true"></i> {{ 'ad_user' | translate }}
+        </a>
+        {% if permissionAddUser == true %}
+          <button type="button" class="btn btn-outline-success" data-bs-toggle="modal"
+                  data-bs-target="#addUserModal">
+            <i class="bi bi-person-add" aria-label="true"></i> {{ 'ad_user_add' | translate }}
+          </button>
+        {% endif %}
+        <button type="button" class="btn btn-outline-info" id="pmf-button-export-users">
+          <i class="bi bi-download" aria-label="true"></i> {{ 'msgExportUsersAsCSV' | translate }}
+        </button>
+      </div>
+    </div>
+  </div>
+
+  <table class="table table-striped align-middle" id="pmf-admin-user-table">
+    <thead class="thead-dark">
+    <tr>
+      <th>{{ 'msgNewContentName' | translate }}</th>
+      <th>{{ 'msgNewContentMail' | translate }}</th>
+      <th>{{ 'ad_auth_user' | translate }}</th>
+      <th>{{ 'ad_user_status' | translate }}</th>
+      <th>{{ 'ad_user_is_superadmin' | translate }}</th>
+      <th>{{ 'ad_user_is_visible' | translate }}</th>
+      <th>Actions</th>
+    </tr>
+    </thead>
+    {% if perPage < numUsers %}
+      <tfoot>
+      <tr>
+        <td colspan="8">{{ pagination|raw }}</td>
+      </tr>
+      </tfoot>
+    {% endif %}
+    <tbody>
+    {% for user in users %}
+      <tr class="row_user_id_{{ user.id }}" id="row_user_id_{{ user.id }}">
+        <td>{{ user.display_name|raw }}</td>
+        <td>
+          <a href="mailto:{{ user.email|raw }}">
+            {{ user.email|raw }}
+          </a>
+        </td>
+        <td>{{ user.login|raw }}</td>
+
+        <td class="text-center"><i class="fa
+    {% if user.status == 'active' %}
+    bi-person-fill-check text-success
+    {% endif %}
+    {% if user.status == 'blocked' %}
+    bi-person-fill-slash text-danger
+    {% endif %}
+    {% if user.status == 'protected' %}
+    bi-person-fill-lock text-warning
+    {% endif %} icon_user_id_{{ user.id }}"></i></td>
+        <td class="text-center">
+          <i class="fa {% if user.isSuperAdmin == true %} bi-person-fill-check text-success {% else %} bi-person {% endif %}"</i>
+        </td>
+        <td class="text-center">
+          <i class="fa {% if user.isVisible == true %} bi-person-fill {% else %} bi-person {% endif %}"</i>
+        </td>
+
+        <td>
+          <a href="./user/edit/{{ user.id }}"
+             class="btn">
+            <i class="bi bi-pencil text-info"></i> {{ ad_user_edit }}
+          </a>
+          {% if user.status == 'blocked' %}
+            <button type="button" class="btn btn-activate-user"
+                    id="btn_activate_user_id_{{ user.id }}"
+                    data-csrf-token="{{ csrfToken_activateUser }}"
+                    data-user-id="{{ user.id }}">
+              <i class="bi bi-unlock-fill text-success"
+                 data-csrf-token="{{ csrfToken_activateUser }}"
+                 data-user-id="{{ user.id }}"></i>
+              {{ ad_news_set_active }}
+            </button>
+          {% endif %}
+          {% if user.status != 'protected' and permissionDeleteUser == true %}
+            <button type="button" class="btn btn-delete-user"
+                    id="btn_user_id_{{ user.id }}"
+                    data-csrf-token="{{ csrfToken_deleteUser }}"
+                    data-user-id="{{ user.id }}"
+                    data-username="{{ user.login }}">
+              <i class="bi bi-trash text-danger" data-csrf-token="{{ csrfToken_deleteUser }}"
+                 data-user-id="{{ user.id }}"></i>
+              {{ ad_user_delete }}
+            </button>
+          {% endif %}
+        </td>
+      </tr>
+    {% endfor %}
+    </tbody>
+  </table>
+{% endblock %}
diff --git a/phpmyfaq/assets/templates/admin/user/user.twig b/phpmyfaq/assets/templates/admin/user/user.twig
new file mode 100644
index 0000000000..d2df74ea34
--- /dev/null
+++ b/phpmyfaq/assets/templates/admin/user/user.twig
@@ -0,0 +1,195 @@
+{% extends '@admin/index.twig' %}
+
+{% block content %}
+  <div
+    class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
+    <h1 class="h2">
+      <i aria-hidden="true" class="bi bi-person"></i>
+      {{ 'ad_user' | translate }}
+    </h1>
+    <div class="btn-toolbar mb-2 mb-md-0">
+      <div class="btn-group mr-2">
+        {% if permissionAddUser == true %}
+          <button type="button" class="btn btn-outline-primary" data-bs-toggle="modal"
+                  data-bs-target="#addUserModal">
+            <i class="bi bi-person-add" aria-label="true"></i> {{ 'ad_user_add' | translate }}
+          </button>
+        {% endif %}
+        {% if permissionEditUser == true %}
+          <a class="btn btn-outline-info" href="./user/list">
+            <i class="bi bi-people" aria-label="true"></i> {{ 'list_all_users' | translate }}
+          </a>
+        {% endif %}
+      </div>
+    </div>
+  </div>
+
+  <div class="row mb-2">
+    <div class="col-6 offset-3">
+      <form name="user_select" id="user_select" action="./user/delete"
+            method="post" role="form" class="form_inline">
+        <input type="hidden" id="current_user_id" value="{{ userId }}">
+        <div class="card shadow mb-4">
+          <h5 class="card-header py-3">
+            <i aria-hidden="true" class="bi bi-search"></i> {{ 'msgSearch' | translate }}
+          </h5>
+          <div class="card-body">
+            <div class="form-floating">
+              <input type="text" class="form-control" id="pmf-user-list-autocomplete" aria-controls=""
+                     name="user_list_search" placeholder="{{ 'ad_auth_user' | translate }}"
+                     spellcheck="false" autocomplete="off" autocapitalize="off" maxlength="2048">
+              <label for="pmf-user-list-autocomplete">{{ 'ad_auth_user' | translate }}</label>
+            </div>
+          </div>
+        </div>
+      </form>
+    </div>
+  </div>
+
+  <div class="row mb-2">
+
+    <div class="col-lg-8">
+      <div class="card shadow mb-4">
+        <h5 class="card-header py-3" id="user_data_legend">
+          <i aria-hidden="true" class="bi bi-person"></i> {{ 'ad_user_profou' | translate }}
+        </h5>
+        <div class="card-body">
+          <input type="hidden" id="last_modified" name="last_modified" value="">
+          <input id="update_user_id" type="hidden" name="user_id" value="0">
+          <input type="hidden" id="pmf-csrf-token" name="pmf-csrf-token" value="{{ csrfToken_updateUserData }}" />
+
+          <div class="row mb-2">
+            <label for="auth_source" class="col-lg-4 col-form-label">
+              {{ 'msgAuthenticationSource' | translate }}
+            </label>
+            <div class="col-lg-8">
+              <input id="auth_source" class="form-control-plaintext" type="text" value="n/a" readonly>
+            </div>
+          </div>
+
+          <div class="row mb-2">
+            <label for="user_status" class="col-lg-4 col-form-label">
+              {{ 'ad_user_status' | translate }}
+            </label>
+            <div class="col-lg-8">
+              <select id="user_status" class="form-select" name="user_status" disabled>
+                <option value="active">{{ 'ad_user_active' | translate }}</option>
+                <option value="blocked">{{ 'ad_user_blocked' | translate }}</option>
+                <option value="protected">{{ 'ad_user_protected' | translate }}</option>
+              </select>
+            </div>
+          </div>
+
+          <div class="row mb-2">
+            <label class="col-lg-4 col-form-label" for="display_name">
+              {{ 'msgRealname' | translate }}
+            </label>
+            <div class="col-lg-8">
+              <input type="text" id="display_name" name="display_name" value="" class="form-control" required disabled>
+            </div>
+          </div>
+
+          <div class="row mb-2">
+            <label class="col-lg-4 col-form-label" for="email">
+              {{ 'msgEmail' | translate }}
+            </label>
+            <div class="col-lg-8">
+              <input type="email" id="email" name="email" value="" class="form-control" required disabled>
+            </div>
+          </div>
+
+          <div class="row mb-2">
+            <div class="offset-lg-4 col-lg-8">
+              <div class="form-check">
+                <input class="form-check-input" type="checkbox" id="is_superadmin" name="is_superadmin">
+                <label class="form-check-label" for="is_superadmin">
+                  {{ 'ad_user_is_superadmin' | translate }}
+                </label>
+              </div>
+            </div>
+          </div>
+
+          <div class="row mb-2">
+            <div class="offset-lg-4 col-lg-8">
+              <a class="btn btn-danger pmf-admin-overwrite-password" data-bs-toggle="modal"
+                 href="#pmf-modal-user-password-overwrite">
+                {{ 'ad_user_overwrite_passwd' | translate }}
+              </a>
+            </div>
+          </div>
+
+          <div class="row mb-2">
+            <div class="offset-lg-4 col-lg-8">
+              <div class="form-check">
+                <input class="form-check-input" type="checkbox" id="overwrite_twofactor" name="overwrite_twofactor"
+                       disabled>
+                <label class="form-check-label" for="overwrite_twofactor">
+                  {{ 'ad_user_overwrite_twofactor' | translate }}
+                </label>
+              </div>
+            </div>
+          </div>
+
+        </div>
+        <div class="card-footer text-end">
+          {% if permissionDeleteUser == true %}
+            <button class="btn btn-danger disabled" id="pmf-delete-user">
+              {{ 'ad_user_delete' | translate }}
+            </button>
+          {% endif %}
+          <button class="btn btn-success disabled" id="pmf-user-save">
+            {{ 'ad_gen_save' | translate }}
+          </button>
+        </div>
+      </div>
+    </div>
+
+    <div class="col-lg-4" id="userRights">
+      <input type="hidden" name="user_id" id="rights_user_id" value="0">
+      <input type="hidden" name="pmf-csrf-token" id="pmf-csrf-token-rights" value="{{ csrfToken_updateUserRights }}">
+
+      <div class="card shadow mb-4">
+        <div class="card-header d-flex justify-content-between flex-wrap align-items-center py-3">
+          <h5 class="" id="user_rights_legend">
+            <i aria-hidden="true" class="bi bi-lock"></i> {{ 'ad_user_rights' | translate }}
+          </h5>
+          <div class="card-button">
+            <button class="btn btn-success" id="pmf-user-rights-save">
+              {{ 'ad_gen_save' | translate }}
+            </button>
+          </div>
+        </div>
+        <div class="card-body">
+          <div class="text-center mb-3">
+            <button type="button" class="btn btn-primary btn-sm" id="checkAll">
+              {{ 'ad_user_checkall' | translate }}
+            </button>
+            <button type="button" class="btn btn-primary btn-sm" id="uncheckAll">
+              {{ 'ad_user_uncheckall' | translate }}
+            </button>
+          </div>
+          {% for right in userRights %}
+            <div class="form-check">
+              <input id="user_right_{{ right.right_id }}" type="checkbox"
+                     name="user_rights[]" value="{{ right.right_id }}"
+                     class="form-check-input permission">
+              <label class="form-check-label" for="user_right_{{ right.right_id }}">
+                {{ right.name|permission }}
+              </label>
+            </div>
+          {% endfor %}
+        </div>
+        <div class="card-footer">
+          <div class="card-button text-end">
+            <button class="btn btn-success" id="pmf-user-rights-save">
+              {{ 'ad_gen_save' | translate }}
+            </button>
+          </div>
+        </div>
+      </div>
+    </div>
+  </div>
+
+  {{ include('@admin/user/modals.twig') }}
+
+{% endblock %}
diff --git a/phpmyfaq/assets/templates/admin/user/users.twig b/phpmyfaq/assets/templates/admin/user/users.twig
deleted file mode 100644
index e0e8c12c37..0000000000
--- a/phpmyfaq/assets/templates/admin/user/users.twig
+++ /dev/null
@@ -1,512 +0,0 @@
-{% if userAction == 'list' %}
-<div
-  class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
-  <h1 class="h2">
-    <i aria-hidden="true" class="bi bi-person"></i>
-    {{ ad_user }}
-  </h1>
-  <div class="btn-toolbar mb-2 mb-md-0">
-    <div class="btn-group mr-2">
-      {% if permissionAddUser == true %}
-      <button type="button" class="btn btn-outline-primary" data-bs-toggle="modal"
-              data-bs-target="#addUserModal">
-        <i class="bi bi-person-add" aria-label="true"></i> {{ ad_user_add }}
-      </button>
-      {% endif %}
-      {% if permissionEditUser == true %}
-      <a class="btn btn-outline-info" href="?action=user&amp;user_action=listallusers">
-        <i class="bi bi-people" aria-label="true"></i> {{ list_all_users }}
-      </a>
-      {% endif %}
-    </div>
-  </div>
-</div>
-
-<div class="row mb-2">
-  <div class="col-6 offset-3">
-    <form name="user_select" id="user_select" action="?action=user&amp;user_action=delete_confirm"
-          method="post" role="form" class="form_inline">
-      <input type="hidden" id="current_user_id" value="{{ userId }}">
-      <div class="card shadow mb-4">
-        <h5 class="card-header py-3">
-          <i aria-hidden="true" class="bi bi-search"></i> {{ msgSearch }}
-        </h5>
-        <div class="card-body">
-          <div class="form-floating">
-            <input type="text" class="form-control" id="pmf-user-list-autocomplete" aria-controls=""
-                   name="user_list_search" placeholder="{{ ad_auth_user }}"
-                   spellcheck="false" autocomplete="off" autocapitalize="off" maxlength="2048">
-            <label for="pmf-user-list-autocomplete">{{ ad_auth_user }}</label>
-          </div>
-        </div>
-      </div>
-    </form>
-  </div>
-</div>
-
-<div class="row mb-2">
-
-  <div class="col-lg-8">
-    <div class="card shadow mb-4">
-      <h5 class="card-header py-3" id="user_data_legend">
-        <i aria-hidden="true" class="bi bi-person"></i> {{ ad_user_profou }}
-      </h5>
-        <div class="card-body">
-          <input type="hidden" id="last_modified" name="last_modified" value="">
-          <input id="update_user_id" type="hidden" name="user_id" value="0">
-          <input type="hidden" id="pmf-csrf-token" name="pmf-csrf-token" value="{{ csrfToken_updateUserData }}" />
-
-          <div class="row mb-2">
-            <label for="auth_source" class="col-lg-4 col-form-label">
-              {{ msgAuthenticationSource }}
-            </label>
-            <div class="col-lg-8">
-              <input id="auth_source" class="form-control-plaintext" type="text" value="n/a"
-                     readonly>
-            </div>
-          </div>
-
-          <div class="row mb-2">
-            <label for="user_status" class="col-lg-4 col-form-label">
-              {{ ad_user_status }}
-            </label>
-            <div class="col-lg-8">
-              <select id="user_status" class="form-select" name="user_status" disabled>
-                <option value="active">{{ ad_user_active }}</option>
-                <option value="blocked">{{ ad_user_blocked }}</option>
-                <option value="protected">{{ ad_user_protected }}</option>
-              </select>
-            </div>
-          </div>
-
-          <div class="row mb-2">
-            <label class="col-lg-4 col-form-label" for="display_name">
-              {{ msgRealname }}
-            </label>
-            <div class="col-lg-8">
-              <input type="text" id="display_name" name="display_name" value=""
-                     class="form-control" required disabled>
-            </div>
-          </div>
-
-          <div class="row mb-2">
-            <label class="col-lg-4 col-form-label" for="email">
-              {{ msgEmail }}
-            </label>
-            <div class="col-lg-8">
-              <input type="email" id="email" name="email" value="" class="form-control" required
-                     disabled>
-            </div>
-          </div>
-
-          <div class="row mb-2">
-            <div class="offset-lg-4 col-lg-8">
-              <div class="form-check">
-                <input class="form-check-input" type="checkbox" id="is_superadmin"
-                       name="is_superadmin">
-                <label class="form-check-label" for="is_superadmin">
-                  {{ ad_user_is_superadmin }}
-                </label>
-              </div>
-            </div>
-          </div>
-
-          <div class="row mb-2">
-            <div class="offset-lg-4 col-lg-8">
-              <a class="btn btn-danger pmf-admin-overwrite-password" data-bs-toggle="modal"
-                 href="#pmf-modal-user-password-overwrite">
-                {{ ad_user_overwrite_passwd }}
-              </a>
-            </div>
-          </div>
-
-          <div class="row mb-2">
-            <div class="offset-lg-4 col-lg-8">
-              <div class="form-check">
-                <input class="form-check-input" type="checkbox" id="overwrite_twofactor"
-                       name="overwrite_twofactor" disabled>
-                <label class="form-check-label" for="overwrite_twofactor">
-                  {{ ad_user_overwrite_twofactor }}
-                </label>
-              </div>
-            </div>
-          </div>
-
-        </div>
-        <div class="card-footer text-end">
-          {% if permissionDeleteUser == true %}
-          <button class="btn btn-danger disabled" id="pmf-delete-user">
-            {{ ad_user_delete }}
-          </button>
-          {% endif %}
-          <button class="btn btn-success disabled" id="pmf-user-save">
-            {{ ad_gen_save }}
-          </button>
-        </div>
-    </div>
-  </div>
-
-  <div class="col-lg-4" id="userRights">
-      <input type="hidden" name="user_id" id="rights_user_id" value="0">
-      <input type="hidden" name="pmf-csrf-token" id="pmf-csrf-token-rights" value="{{ csrfToken_updateUserRights }}" />
-
-      <div class="card shadow mb-4">
-        <div class="card-header d-flex justify-content-between flex-wrap align-items-center py-3">
-          <h5 class="" id="user_rights_legend">
-            <i aria-hidden="true" class="bi bi-lock"></i> {{ ad_user_rights }}
-          </h5>
-          <div class="card-button">
-            <button class="btn btn-success" id="pmf-user-rights-save">
-              {{ ad_gen_save }}
-            </button>
-          </div>
-        </div>
-        <div class="card-body">
-          <div class="text-center mb-3">
-            <button type="button" class="btn btn-primary btn-sm" id="checkAll">
-              {{ ad_user_checkall }}
-            </button>
-            <button type="button" class="btn btn-primary btn-sm" id="uncheckAll">
-              {{ ad_user_uncheckall }}
-            </button>
-          </div>
-          {% for right in userRights %}
-          <div class="form-check">
-            <input id="user_right_{{ right.right_id }}" type="checkbox"
-                   name="user_rights[]" value="{{ right.right_id }}"
-                   class="form-check-input permission" />
-            <label class="form-check-label" for="user_right_{{ right.right_id }}">
-              {{ right.name|permission }}
-            </label>
-          </div>
-          {% endfor %}
-        </div>
-        <div class="card-footer">
-          <div class="card-button text-end">
-            <button class="btn btn-success" id="pmf-user-rights-save">
-              {{ ad_gen_save }}
-            </button>
-          </div>
-        </div>
-      </div>
-  </div>
-</div>
-{% endif %}
-{% if userAction == 'listallusers' and permissionEditUser == true %}
-<div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
-  <h1 class="h2">
-    <i class="bi bi-people"></i>
-    {{ msgUserList }}
-  </h1>
-  <div class="btn-toolbar mb-2 mb-md-0">
-    <div class="btn-group mr-2">
-      <a class="btn btn-outline-primary" href="?action=user">
-        <i class="bi bi-three-dots" aria-label="true"></i> {{ ad_user }}
-      </a>
-      {% if permissionAddUser == true %}
-      <button type="button" class="btn btn-outline-success" data-bs-toggle="modal"
-              data-bs-target="#addUserModal">
-        <i class="bi bi-person-add" aria-label="true"></i> {{ ad_user_add }}
-      </button>
-      {% endif %}
-      <button type="button" class="btn btn-outline-info" id="pmf-button-export-users">
-        <i class="bi bi-download" aria-label="true"></i> {{ msgExportUsersAsCSV }}
-      </button>
-    </div>
-  </div>
-</div>
-
-<table class="table table-striped align-middle" id="pmf-admin-user-table">
-  <thead class="thead-dark">
-  <tr>
-    <th>{{ msgNewContentName }}</th>
-    <th>{{ msgNewContentMail }}</th>
-    <th>{{ ad_auth_user }}</th>
-    <th>{{ ad_user_status }}</th>
-    <th>{{ ad_user_is_superadmin }}</th>
-    <th>{{ ad_user_is_visible }}</th>
-    <th>Actions</th>
-  </tr>
-  </thead>
-  {% if perPage < numUsers %}
-  <tfoot>
-  <tr>
-    <td colspan="8">{{ pagination|raw }}</td>
-  </tr>
-  </tfoot>
-  {% endif %}
-  <tbody>
-  {% for user in users %}
-  <tr class="row_user_id_{{ user.id }}" id="row_user_id_{{ user.id }}">
-    <td>{{ user.display_name|raw }}</td>
-    <td>
-      <a href="mailto:{{ user.email|raw }}">
-        {{ user.email|raw }}
-      </a>
-    </td>
-    <td>{{ user.login|raw }}</td>
-
-    <td class="text-center"><i class="fa
-    {% if user.status == 'active' %}
-    bi-person-fill-check text-success
-    {% endif %}
-    {% if user.status == 'blocked' %}
-    bi-person-fill-slash text-danger
-    {% endif %}
-    {% if user.status == 'protected' %}
-    bi-person-fill-lock text-warning
-    {% endif %} icon_user_id_{{ user.id }}"></i></td>
-    <td class="text-center">
-      <i class="fa {% if user.isSuperAdmin == true %} bi-person-fill-check text-success {% else %} bi-person {% endif %}"</i>
-    </td>
-    <td class="text-center">
-      <i class="fa {% if user.isVisible == true %} bi-person-fill {% else %} bi-person {% endif %}"</i>
-    </td>
-
-    <td>
-      <a href="?action=user&amp;user_id={{ user.id }}"
-         class="btn">
-        <i class="bi bi-pencil text-info"></i> {{ ad_user_edit }}
-      </a>
-      {% if user.status == 'blocked' %}
-      <button type="button" class="btn btn-activate-user"
-              id="btn_activate_user_id_{{ user.id }}"
-              data-csrf-token="{{ csrfToken_activateUser }}"
-              data-user-id="{{ user.id }}">
-        <i class="bi bi-unlock-fill text-success"
-           data-csrf-token="{{ csrfToken_activateUser }}"
-           data-user-id="{{ user.id }}"></i>
-        {{ ad_news_set_active }}
-      </button>
-      {% endif %}
-      {% if user.status != 'protected' and permissionDeleteUser == true %}
-      <button type="button" class="btn btn-delete-user"
-              id="btn_user_id_{{ user.id }}"
-              data-csrf-token="{{ csrfToken_deleteUser }}"
-              data-user-id="{{ user.id }}"
-              data-username="{{ user.login }}">
-        <i class="bi bi-trash text-danger" data-csrf-token="{{ csrfToken_deleteUser }}"
-           data-user-id="{{ user.id }}"></i>
-        {{ ad_user_delete }}
-      </button>
-      {% endif %}
-    </td>
-  </tr>
-  {% endfor %}
-  </tbody>
-</table>
-{% endif %}
-
-<!-- Modal to overwrite password -->
-<div class="modal fade" id="pmf-modal-user-password-overwrite">
-  <div class="modal-dialog">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h4>{{ ad_menu_passwd }}</h4>
-        <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
-      </div>
-      <div class="modal-body">
-        <form action="#" method="post" accept-charset="utf-8" autocomplete="off">
-          <input type="hidden" name="csrf" id="modal_csrf"
-                 value="{{ csrfToken_overwritePassword }}" />
-          <input type="hidden" name="user_id" id="modal_user_id" value="{{ userId }}" />
-
-          <div class="row mb-2">
-            <label class="col-5 col-form-label" for="npass">
-              {{ ad_passwd_new }}
-            </label>
-            <div class="col-7">
-              <div class="input-group">
-                <input type="password" autocomplete="off" name="npass" id="npass"
-                       class="form-control" data-pmf-toggle="npass_togglePassword" required>
-                <span class="input-group-text" id="npass_togglePassword">
-                                    <i class="bi bi-eye-slash" id="npass_togglePassword_icon"></i>
-                                </span>
-              </div>
-            </div>
-          </div>
-
-          <div class="row mb-2">
-            <label class="col-5 col-form-label" for="bpass">
-              {{ ad_passwd_con }}
-            </label>
-            <div class="col-7">
-              <div class="input-group">
-                <input type="password" autocomplete="off" name="bpass" id="bpass"
-                       class="form-control" data-pmf-toggle="bpass_togglePassword" required>
-                <span class="input-group-text" id="bpass_togglePassword">
-                                    <i class="bi bi-eye-slash" id="bpass_togglePassword_icon"></i>
-                                </span>
-              </div>
-            </div>
-          </div>
-        </form>
-      </div>
-      <div class="modal-footer">
-        <button class="btn btn-primary" id="pmf-user-password-overwrite-action">
-          {{ ad_user_overwrite_passwd }}
-        </button>
-      </div>
-    </div>
-  </div>
-</div>
-
-<!-- Modal to add a new user -->
-<div class="modal fade" id="addUserModal" tabindex="-1" role="dialog" aria-labelledby="addUserModalLabel"
-     aria-hidden="true">
-  <div class="modal-dialog modal-lg" role="document">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h5 class="modal-title" id="addUserModalLabel">
-          <i aria-hidden="true" class="bi bi-person-plus"></i> {{ ad_adus_adduser }}
-        </h5>
-        <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
-      </div>
-      <div class="modal-body">
-        <form action="#" method="post" role="form" id="pmf-add-user-form" class="needs-validation"
-              autocomplete="off"
-              novalidate>
-
-          <input type="hidden" id="add_user_csrf" name="add_user_csrf"
-                 value="{{ csrfToken_addUser }}" />
-
-          <div class="alert alert-danger d-none" id="pmf-add-user-error-message"></div>
-
-          <div class="row mb-2">
-            <label class="col-lg-4 col-form-label" for="add_user_name">
-              {{ ad_adus_name }}
-            </label>
-            <div class="col-lg-8">
-              <input type="text" name="add_user_name" id="add_user_name" required tabindex="1"
-                     class="form-control">
-            </div>
-          </div>
-
-          <div class="row mb-2">
-            <label class="col-lg-4 col-form-label"
-                   for="add_user_realname">{{ msgRealname }}</label>
-            <div class="col-lg-8">
-              <input type="text" name="add_user_realname" id="add_user_realname" required tabindex="2"
-                     class="form-control">
-            </div>
-          </div>
-
-          <div class="row mb-2">
-            <label class="col-lg-4 col-form-label" for="add_user_email">
-              {{ msgEmail }}
-            </label>
-            <div class="col-lg-8">
-              <input type="email" name="user_email" id="add_user_email" required tabindex="3"
-                     class="form-control">
-            </div>
-          </div>
-
-          <div class="row mb-2">
-            <div class="col-lg-4"></div>
-            <div class="col-lg-8">
-              <div class="form-check">
-                <input class="form-check-input" type="checkbox" id="add_user_automatic_password"
-                       name="add_user_automatic_password" value="">
-                <label class="form-check-label" for="add_user_automatic_password">
-                  {{ ad_add_user_change_password }}
-                </label>
-              </div>
-            </div>
-          </div>
-
-          <div id="add_user_show_password_inputs">
-            <div class="row mb-2">
-              <label class="col-lg-4 col-form-label"
-                     for="add_user_password">{{ ad_adus_password }}</label>
-              <div class="col-lg-8">
-                <div class="input-group">
-                  <input type="password" name="add_user_password" id="add_user_password"
-                         class="form-control" minlength="8"
-                         autocomplete="off" tabindex="4"
-                         data-pmf-toggle="add_user_password_togglePassword">
-                  <span class="input-group-text" id="add_user_password_togglePassword">
-                                            <i class="bi bi-eye-slash" id="add_user_password_togglePassword_icon"></i>
-                                        </span>
-                </div>
-              </div>
-            </div>
-
-            <div class="row mb-2">
-              <label class="col-lg-4 col-form-label"
-                     for="add_user_password_confirm">{{ ad_passwd_con }}</label>
-              <div class="col-lg-8">
-                <div class="input-group">
-                  <input type="password" name="add_user_password_confirm"
-                         id="add_user_password_confirm" minlength="8"
-                         class="form-control" autocomplete="off" tabindex="5"
-                         data-pmf-toggle="add_user_password_confirm_togglePassword">
-                  <span class="input-group-text" id="add_user_password_confirm_togglePassword">
-                                            <i class="bi bi-eye-slash"
-                                               id="add_user_password_confirm_togglePassword_icon"></i>
-                                        </span>
-                </div>
-              </div>
-            </div>
-          </div>
-
-          {% if userIsSuperAdmin == true %}
-            <div class="row mb-2">
-              <div class="col-lg-4"></div>
-              <div class="col-lg-8">
-                <div class="form-check">
-                  <input class="form-check-input" type="checkbox" id="add_user_is_superadmin"
-                         name="user_is_superadmin">
-                  <label class="form-check-label" for="add_user_is_superadmin">
-                    {{ ad_user_is_superadmin }}
-                  </label>
-                </div>
-              </div>
-            </div>
-          {% endif %}
-
-        </form>
-      </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">
-          {{ ad_gen_cancel }}
-        </button>
-        <button type="button" class="btn btn-primary" id="pmf-add-user-action">
-          {{ ad_gen_save }}
-        </button>
-      </div>
-    </div>
-  </div>
-</div>
-
-{% if permissionDeleteUser == true %}
-<!-- Modal to confirm deleting a user -->
-<div class="modal fade" id="pmf-modal-user-confirm-delete">
-  <div class="modal-dialog">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h4><i class="bi bi-exclamation-triangle"></i> {{ msgWarning }}</h4>
-        <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
-      </div>
-      <div class="modal-body">
-        <form action="#" method="post" accept-charset="utf-8" autocomplete="off">
-          <input type="hidden" name="csrf" id="csrf-token-delete-user"
-                 value="{{ csrfToken_deleteUser }}" />
-          <input type="hidden" name="user_id" id="pmf-user-id-delete" value="" />
-          <input type="hidden" name="source_page" id="source_page" value="" />
-
-          <div class="row mb-2">
-            <p>{{ ad_user_deleteUser }} '<span id="pmf-username-delete"></span>'?</p>
-          </div>
-
-      <div class="modal-footer">
-        <button type="button" class="btn btn-outline-success" data-bs-dismiss="modal">
-          {{ ad_gen_no }}
-        </button>
-        <button class="btn btn-danger" id="pmf-delete-user-yes" data-bs-dismiss="modal">
-          {{ ad_gen_yes }}
-        </button>
-      </div>
-    </div>
-  </div>
-</div>
-{% endif %}
diff --git a/phpmyfaq/src/admin-routes.php b/phpmyfaq/src/admin-routes.php
index c29d80a485..5f612fea49 100644
--- a/phpmyfaq/src/admin-routes.php
+++ b/phpmyfaq/src/admin-routes.php
@@ -27,6 +27,7 @@
 use phpMyFAQ\Controller\Administration\StopWordsController;
 use phpMyFAQ\Controller\Administration\SystemInformationController;
 use phpMyFAQ\Controller\Administration\UpdateController;
+use phpMyFAQ\Controller\Administration\UserController;
 use Symfony\Component\Routing\Route;
 use Symfony\Component\Routing\RouteCollection;
 
@@ -88,6 +89,16 @@
         'controller' => [InstanceController::class, 'index'],
         'methods' => 'GET'
     ],
+    'admin.password.change' => [
+        'path' => '/password/change',
+        'controller' => [PasswordChangeController::class, 'index'],
+        'methods' => 'GET'
+    ],
+    'admin.password.update' => [
+        'path' => '/password/update',
+        'controller' => [PasswordChangeController::class, 'update'],
+        'methods' => 'POST'
+    ],
     'admin.session.keepalive' => [
         'path' => '/session-keep-alive',
         'controller' => [SessionKeepAliveController::class, 'index'],
@@ -108,16 +119,21 @@
         'controller' => [UpdateController::class, 'index'],
         'methods' => 'GET'
     ],
-    'admin.password.change' => [
-        'path' => '/password/change',
-        'controller' => [PasswordChangeController::class, 'index'],
+    'admin.user' => [
+        'path' => '/user',
+        'controller' => [UserController::class, 'index'],
+        'methods' => 'GET'
+    ],
+    'admin.user.edit' => [
+        'path' => '/user/edit/{userId}',
+        'controller' => [UserController::class, 'edit'],
+        'methods' => 'GET'
+    ],
+    'admin.user.list' => [
+        'path' => '/user/list',
+        'controller' => [UserController::class, 'list'],
         'methods' => 'GET'
     ],
-    'admin.password.update' => [
-        'path' => '/password/update',
-        'controller' => [PasswordChangeController::class, 'update'],
-        'methods' => 'POST'
-    ]
 ];
 
 foreach ($routesConfig as $name => $config) {
diff --git a/phpmyfaq/src/phpMyFAQ/Controller/Administration/AbstractAdministrationController.php b/phpmyfaq/src/phpMyFAQ/Controller/Administration/AbstractAdministrationController.php
index 961d913eff..3a8f4a6b21 100644
--- a/phpmyfaq/src/phpMyFAQ/Controller/Administration/AbstractAdministrationController.php
+++ b/phpmyfaq/src/phpMyFAQ/Controller/Administration/AbstractAdministrationController.php
@@ -54,7 +54,8 @@ protected function getHeader(Request $request): array
         $secLevelEntries['user'] = $adminHelper->addMenuEntry(
             'add_user+edit_user+delete_user',
             'user',
-            'ad_menu_user_administration'
+            'ad_menu_user_administration',
+            'user'
         );
         if ($this->configuration->get('security.permLevel') !== 'basic') {
             $secLevelEntries['user'] .= $adminHelper->addMenuEntry(
@@ -200,9 +201,7 @@ protected function getHeader(Request $request): array
         );
 
         switch ($action) {
-            case 'user':
             case 'group':
-            case 'cookies':
                 $userPage = true;
                 break;
             case 'category-overview':
@@ -255,6 +254,8 @@ protected function getHeader(Request $request): array
         switch ($request->attributes->get('_route')) {
             case 'admin.password.change':
             case 'admin.password.update':
+            case 'admin.user':
+            case 'admin.user.list':
                 $userPage = true;
                 break;
             case 'admin.attachments':
@@ -334,10 +335,7 @@ protected function getHeader(Request $request): array
     protected function getFooter(): array
     {
         return [
-            'msgSessionExpiringSoon' => Translation::get('msgSessionExpiringSoon'),
             'msgModalSessionWarning' => sprintf(Translation::get('ad_session_expiring'), PMF_AUTH_TIMEOUT_WARNING),
-            'msgNoLogMeOut' => Translation::get('msgNoLogMeOut'),
-            'msgYesKeepMeLoggedIn' => Translation::get('msgYesKeepMeLoggedIn'),
             'msgPoweredBy' => System::getPoweredByString(),
             'documentationUrl' => System::getDocumentationUrl(),
             'phpMyFaqUrl' => System::PHPMYFAQ_URL,
diff --git a/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/UserController.php b/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/UserController.php
index 507b67bb0b..997a4f3936 100644
--- a/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/UserController.php
+++ b/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/UserController.php
@@ -97,21 +97,32 @@ public function csvExport(): Response
         $handle = fopen('php://temp', 'r+');
         fputcsv(
             $handle,
-            ['ID', 'Status', 'Super Admin', 'Visible', 'Display Name', 'Username', 'Email', 'Auth Source']
+            ['ID', 'Status', 'Super Admin', 'Visible', 'Display Name', 'Username', 'Email', 'Auth Source'],
+            ',',
+            '"',
+            '\\',
+            PHP_EOL
         );
 
         foreach ($allUsers as $allUser) {
             $user->getUserById($allUser, true);
-            fputcsv($handle, [
-                $user->getUserId(),
-                $user->getStatus(),
-                $user->isSuperAdmin() ? 'true' : 'false',
-                $user->getUserData('is_visible') ? 'true' : 'false',
-                Report::sanitize($user->getUserData('display_name')),
-                Report::sanitize($user->getLogin()),
-                $user->getUserData('email'),
-                $user->getUserAuthSource(),
-            ]);
+            fputcsv(
+                $handle,
+                [
+                    $user->getUserId(),
+                    $user->getStatus(),
+                    $user->isSuperAdmin() ? 'true' : 'false',
+                    $user->getUserData('is_visible') ? 'true' : 'false',
+                    Report::sanitize($user->getUserData('display_name')),
+                    Report::sanitize($user->getLogin()),
+                    $user->getUserData('email'),
+                    $user->getUserAuthSource(),
+                ],
+                ',',
+                '"',
+                '\\',
+                PHP_EOL
+            );
         }
 
         rewind($handle);
diff --git a/phpmyfaq/src/phpMyFAQ/Controller/Administration/UserController.php b/phpmyfaq/src/phpMyFAQ/Controller/Administration/UserController.php
new file mode 100644
index 0000000000..0575bfe170
--- /dev/null
+++ b/phpmyfaq/src/phpMyFAQ/Controller/Administration/UserController.php
@@ -0,0 +1,172 @@
+<?php
+
+declare(strict_types=1);
+
+namespace phpMyFAQ\Controller\Administration;
+
+use phpMyFAQ\Core\Exception;
+use phpMyFAQ\Enums\PermissionType;
+use phpMyFAQ\Filter;
+use phpMyFAQ\Pagination;
+use phpMyFAQ\Session\Token;
+use phpMyFAQ\Template\Extensions\PermissionTranslationTwigExtension;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Attribute\Route;
+use Twig\Error\LoaderError;
+
+class UserController extends AbstractAdministrationController
+{
+    /**
+     * @throws Exception
+     * @throws LoaderError
+     * @throws \Exception
+     */
+    #[Route('/user', name: 'admin.user', methods: ['GET'])]
+    public function index(Request $request): Response
+    {
+        $this->userHasPermission(PermissionType::USER_ADD);
+        $this->userHasPermission(PermissionType::USER_DELETE);
+        $this->userHasPermission(PermissionType::USER_EDIT);
+
+        $this->addExtension(new PermissionTranslationTwigExtension());
+        return $this->render(
+            '@admin/user/user.twig',
+            [
+                ... $this->getHeader($request),
+                ... $this->getFooter(),
+                ... $this->getBaseTemplateVars(),
+            ]
+        );
+    }
+
+    /**
+     * @throws Exception
+     * @throws LoaderError
+     * @throws \Exception
+     */
+    public function edit(Request $request): Response
+    {
+        $this->userHasPermission(PermissionType::USER_ADD);
+        $this->userHasPermission(PermissionType::USER_DELETE);
+        $this->userHasPermission(PermissionType::USER_EDIT);
+
+        $userId = Filter::filterVar($request->get('userId'), FILTER_VALIDATE_INT);
+
+        $this->addExtension(new PermissionTranslationTwigExtension());
+        return $this->render(
+            '@admin/user/user.twig',
+            [
+                ... $this->getHeader($request),
+                ... $this->getFooter(),
+                ... $this->getBaseTemplateVars(),
+                'userId' => $userId
+            ]
+        );
+    }
+
+    /**
+     * @throws Exception
+     * @throws LoaderError
+     * @throws \Exception
+     */
+    #[Route('/user/list', name: 'admin.user.list', methods: ['GET'])]
+    public function list(Request $request): Response
+    {
+        $user = $this->container->get('phpmyfaq.user');
+        $allUsers = $user->getAllUsers(false);
+        $numUsers = is_countable($allUsers) ? count($allUsers) : 0;
+        $page = Filter::filterVar($request->query->get('page'), FILTER_VALIDATE_INT, 0);
+        $perPage = 10;
+        $lastPage = $page * $perPage;
+        $firstPage = $lastPage - $perPage;
+
+        $baseUrl = sprintf(
+            '%sadmin/?action=user&amp;user_action=listallusers&amp;page=%d',
+            $this->configuration->getDefaultUrl(),
+            $page
+        );
+
+        // Pagination options
+        $options = [
+            'baseUrl' => $baseUrl,
+            'total' => $numUsers,
+            'perPage' => $perPage,
+            'pageParamName' => 'page',
+        ];
+        $pagination = new Pagination($options);
+
+        $counter = $displayedCounter = 0;
+        $users = [];
+        foreach ($allUsers as $listedUserId) {
+            $user->getUserById($listedUserId, true);
+
+            if ($displayedCounter >= $perPage) {
+                continue;
+            }
+            ++$counter;
+            if ($counter <= $firstPage) {
+                continue;
+            }
+            ++$displayedCounter;
+
+            $tempUser = [
+                'display_name' => $user->getUserData('display_name'),
+                'id' => $user->getUserId(),
+                'email' => $user->getUserData('email'),
+                'status' => $user->getStatus(),
+                'isSuperAdmin' => $user->isSuperAdmin(),
+                'isVisible' => $user->getUserData('is_visible'),
+                'login' => $user->getLogin()
+            ];
+
+            $users[] = $tempUser;
+        }
+
+        return $this->render(
+            '@admin/user/user-list.twig',
+            [
+                ... $this->getHeader($request),
+                ... $this->getFooter(),
+                'perPage' => $perPage,
+                'numUsers' => $numUsers,
+                'pagination' => $pagination->render(),
+                'users' => $users,
+                'userIsSuperAdmin' => $this->currentUser->isSuperAdmin()
+            ]
+        );
+    }
+
+    /**
+     * @throws \Exception
+     * @return array<string, mixed>
+     */
+    private function getBaseTemplateVars(): array
+    {
+        $currentUserId = $this->currentUser->getUserId();
+        $session = $this->container->get('session');
+        $user = $this->container->get('phpmyfaq.user');
+        return [
+            'permissionAddUser' => $this->currentUser->perm->hasPermission(
+                $currentUserId,
+                PermissionType::USER_ADD->value
+            ),
+            'permissionDeleteUser' => $this->currentUser->perm->hasPermission(
+                $currentUserId,
+                PermissionType::USER_DELETE->value
+            ),
+            'permissionEditUser' =>  $this->currentUser->perm->hasPermission(
+                $currentUserId,
+                PermissionType::USER_EDIT->value
+            ),
+            'csrfToken_updateUserData' => Token::getInstance($session)->getTokenString('update-user-data'),
+            'csrfToken_updateUserRights' => Token::getInstance($session)->getTokenString('update-user-rights'),
+            'csrfToken_activateUser' => Token::getInstance($session)->getTokenString('activate-user'),
+            'csrfToken_deleteUser' => Token::getInstance($session)->getTokenString('delete-user'),
+            'csrfToken_addUser' => Token::getInstance($session)->getTokenString('add-user'),
+            'csrfToken_overwritePassword' => Token::getInstance($session)->getTokenString('overwrite-password'),
+            'userRights' => $user->perm->getAllRightsData(),
+            'userIsSuperAdmin' => $this->currentUser->isSuperAdmin()
+        ];
+    }
+}
diff --git a/phpmyfaq/src/services.php b/phpmyfaq/src/services.php
index 0ec79e980c..68698bfccf 100644
--- a/phpmyfaq/src/services.php
+++ b/phpmyfaq/src/services.php
@@ -39,6 +39,7 @@
 use phpMyFAQ\Sitemap;
 use phpMyFAQ\System;
 use phpMyFAQ\Tags;
+use phpMyFAQ\User;
 use phpMyFAQ\User\CurrentUser;
 use phpMyFAQ\User\UserSession;
 use phpMyFAQ\Visits;
@@ -175,6 +176,11 @@
             new Reference('phpmyfaq.configuration')
         ]);
 
+    $services->set('phpmyfaq.user', User::class)
+        ->args([
+            new Reference('phpmyfaq.configuration')
+        ]);
+
     $services->set('phpmyfaq.user.current_user', CurrentUser::class)
         ->factory([CurrentUser::class, 'getCurrentUser'])
         ->args([