Users are representations of people in the solutions. As such, they have roles, are on teams, have attributes they can change (eg their name), and attributes they cannot (eg their manager).
Roles are a way of giving users permissions. Roles work are, at the platform level, special teams that work together with the security definitions to determine a user's access. Roles give access, they do not take it away. A user without any roles would have no access within the platform.
When a user is created, any existing roles are available to select to give to the user.
Users are given the opportunity to upload an image of themselves to use for indentification within the system, their avatar. This image will appear as part of their header, on their profile, and will display as a representation of them when they are invited to discussions or are listed as a member of a team. If a user has no avatar uploaded, you will see an "empty" image:
There are two types of attributes for user, profile attributes and user attributes. Profile attributes are those items the user can update themselves, such as last name and phone number. User attributes are those items that the user does not have permission to update, such as their department or their manager.
Passwords are entirely within the user's control. They can set or reset their password at any time via the login screen.