diff --git a/.gitignore b/.gitignore
index b63256dc..058059f8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
+
 # Compiled python modules.
 *.pyc
 
@@ -26,4 +27,7 @@ manage.py
 
 # migrations
 /rowers/migrations/
-/cvkbrno/migrations/
\ No newline at end of file
+/cvkbrno/migrations/
+
+# secrets
+config.yaml
diff --git a/rowers/models.py b/rowers/models.py
index 430c474b..eebab17c 100644
--- a/rowers/models.py
+++ b/rowers/models.py
@@ -73,6 +73,12 @@ class Rower(models.Model):
 				      choices=weightcategories)
 
     ftp = models.IntegerField(default=226,verbose_name="Functional Threshold Power")
+
+    pw_ut2 = models.IntegerField(default=160,verbose_name="UT2 Power")
+    pw_ut1 = models.IntegerField(default=160,verbose_name="UT1 Power")
+    pw_at = models.IntegerField(default=160,verbose_name="AT Power")
+    pw_tr = models.IntegerField(default=160,verbose_name="TR Power")
+    pw_an = models.IntegerField(default=160,verbose_name="AN Power")
     
     c2token = models.CharField(default='',max_length=200,blank=True,null=True)
     tokenexpirydate = models.DateTimeField(blank=True,null=True)
diff --git a/rowers/templates/rower_form.html b/rowers/templates/rower_form.html
index 90674a5c..7710ccb7 100644
--- a/rowers/templates/rower_form.html
+++ b/rowers/templates/rower_form.html
@@ -23,7 +23,30 @@
 </div>
 <div class="grid_6 omega">
   <p>
-  <h2>Functional Threshold Power</h2>
+    <h2>Power Bands</h2>
+    <table width="70%" class="listtable">
+      <thead>
+        <tr>
+          <th>Band</th>
+          <th>Value</th>
+        </tr>
+      </thead>
+      <tbody>
+        <tr>
+          <td>UT2 Power</td><td>{{ rower.pw_ut2 }} Watt</td>
+        </tr><tr>
+          <td>UT1 Power</td><td>{{ rower.pw_ut1 }} Watt</td>
+        </tr><tr>
+          <td>AT Power</td><td>{{ rower.pw_at }} Watt</td>
+        </tr><tr>
+          <td>TR Power</td><td>{{ rower.pw_tr }} Watt</td>
+        </tr><tr>
+          <td>AN Power</td><td>{{ rower.pw_an }} Watt</td>
+        </tr>
+    </table>
+  </p>
+  <p>
+    <h2>Functional Threshold Power</h2>
     <form enctype="multipart/form-data" action="" method="post">
       <table>
 	{{ powerform.as_table }}
@@ -63,9 +86,12 @@
 
   
   <div class="grid_6 prefix_6 alpha">
+      <p>
+    <h2>Favorite Charts</h2>
     <div class="grid_2 suffix_4 alpha">
-      <a class="button gray small" href="/rowers/me/favoritecharts">Manage Favorite Charts</a>
+        <a class="button gray small" href="/rowers/me/favoritecharts">Manage Favorite Charts</a>
     </div>
+      </p>
   </div>
 
 
diff --git a/rowers/views.py b/rowers/views.py
index 42fdca31..74718b57 100644
--- a/rowers/views.py
+++ b/rowers/views.py
@@ -4497,7 +4497,9 @@ def rower_edit_view(request,message=""):
 	else:
 	    message = HttpResponse("invalid form")
 	    return render(request, 'rower_form.html',
-			  {'form':form,})
+			  {'form':form,
+                           'rower':r,
+                          })
 	    # url = reverse(rower_edit_view,args=[str(message)])
 	    # response = HttpResponseRedirect(url)
 			  
@@ -4511,9 +4513,16 @@ def rower_edit_view(request,message=""):
 	    try:
 		r = Rower.objects.get(user=request.user)
 		r.ftp = max(min(ftp,650),50)
+                powerperc = [55,75,90,105,120]
+                ut2,ut1,at,tr,an = (r.ftp*np.array(powerperc)/100.).astype(int)
+                r.pw_ut2 = ut2
+                r.pw_ut1 = ut1
+                r.pw_at = at
+                r.pw_tr = tr
+                r.pw_an = an
 		r.save()
 		message = "Functional Threshold Value Changed"
-		url = reverse(workouts_view,args=[str(message)])
+		url = reverse(rower_edit_view,args=[str(message)])
 		response = HttpResponseRedirect(url)
 	    except Rower.DoesNotExist:
 		message = "Funny. This user doesn't exist."
@@ -4524,6 +4533,7 @@ def rower_edit_view(request,message=""):
 	    return render(request, 'rower_form.html',
 			  {'form':form,
 			   'powerform':powerform,
+                           'rower':r,
 			   })
 			  
 	    
@@ -4531,6 +4541,18 @@ def rower_edit_view(request,message=""):
     else:
 	try:
 	    r = Rower.objects.get(user=request.user)
+
+            # Temporary code
+            powerperc = [55,75,90,105,120]
+            ut2,ut1,at,tr,an = (r.ftp*np.array(powerperc)/100.).astype(int)
+            r.pw_ut2 = ut2
+            r.pw_ut1 = ut1
+            r.pw_at = at
+            r.pw_tr = tr
+            r.pw_an = an
+	    r.save()
+            # end temporary
+            
 	    form = RowerForm(instance=r)
 	    powerform = RowerPowerForm(instance=r)
             grants = AccessToken.objects.filter(user=request.user)
@@ -4539,6 +4561,7 @@ def rower_edit_view(request,message=""):
 			      'form':form,
 			      'powerform':powerform,
                               'grants':grants,
+                              'rower':r,
 			      })
 	except Rower.DoesNotExist:
 	    return HttpResponse("This user doesn't exist")
diff --git a/rowsandall_app/settings.py b/rowsandall_app/settings.py
index 2acc6d7c..9792f4e8 100644
--- a/rowsandall_app/settings.py
+++ b/rowsandall_app/settings.py
@@ -11,8 +11,12 @@ https://docs.djangoproject.com/en/1.9/ref/settings/
 """
 # -*- coding: utf-8 -*-
 import os
+from YamJam import yamjam
 from django.utils.translation import ugettext_lazy as _
 
+# Read configuration (passwords, keys, secrets) from YamJam configuration
+# You have to create your own config.yaml in the project directory
+CFG = yamjam()['rowsandallapp']
 
 DEFAULT_CHARSET = 'UTF-8'
 
@@ -29,7 +33,7 @@ SECRET_KEY = 'z_@2yia858=2i1cygo4ne3+14&i_&@wlty68$q1igdvn=9k5mo'
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = False
 
-ALLOWED_HOSTS = ['rowsandall.com','rowsandall-1072.rostiapp.cz']
+ALLOWED_HOSTS = CFG['allowed_hosts']
 
 
 # Application definition
@@ -205,20 +209,20 @@ LOGIN_URL = '/login/'
 LOGOUT_URL = '/logout/'
 
 # Concept 2
-C2_CLIENT_ID = "bgTBbmjSyn8wbJb0JEdlYjDUfSZFAPQSzJV8YDwH"
-C2_CLIENT_SECRET = "HD6HnEu8bFWGkrpGoa89kliXhofLzAHzllltWMPg"
+C2_CLIENT_ID = CFG['c2_client_id']
+C2_CLIENT_SECRET = CFG['c2_client_secret']
 C2_REDIRECT_URI = "http://rowsandall.com/call_back"
 
 # Strava
 
-STRAVA_CLIENT_ID = "11567"
-STRAVA_CLIENT_SECRET = "9e55d439879e1da6724e75e4a3220b35a493fe24"
+STRAVA_CLIENT_ID = CFG['strava_client_id']
+STRAVA_CLIENT_SECRET = CFG['strava_client_secret']
 STRAVA_REDIRECT_URI = "http://rowsandall.com/stravacall_back"
 
 # SportTracks
 
-SPORTTRACKS_CLIENT_ID = "rowingdata"
-SPORTTRACKS_CLIENT_SECRET = "3GZVXH8GB4PZQHPD"
+SPORTTRACKS_CLIENT_ID = CFG['sporttracks_client_id']
+SPORTTRACKS_CLIENT_SECRET = CFG['sporttracks_client_secret']
 SPORTTRACKS_REDIRECT_URI = "http://rowsandall.com/sporttracks_callback"
 
 # RQ stuff
@@ -248,19 +252,19 @@ SESSION_ENGINE = "django.contrib.sessions.backends.cache"
 # email stuff
 
 EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
-EMAIL_HOST = 'mail.rosti.cz'
+EMAIL_HOST = CFG['email_host']
 #EMAIL_HOST = 'smtp.rosti.cz'
 EMAIL_PORT = '25'
-EMAIL_HOST_USER = 'info@rowsandall.com'
+EMAIL_HOST_USER = CFG['email_host_user']
 #EMAIL_HOST_PASSWORD = 'lnD3mbZ1NoI8RK1StOdO'
-EMAIL_HOST_PASSWORD = '0r0wYgQUReOYK7sEkBby'
+EMAIL_HOST_PASSWORD = ['email_host_password']
 EMAIL_USE_TLS = True
 
 
 # weather stuff
 
-FORECAST_IO_KEY = "bc8196fbd89f11375c7dfc8aa6323c72"
-GMAPIKEY = "AIzaSyAgu1w9QSthaGPMLp8y9JedPoMc9sfEgJ8"
+FORECAST_IO_KEY = CFG['forecast_io_key']
+GMAPIKEY = CFG['gmapikey']
 
 # OAUTH2
 
@@ -304,10 +308,10 @@ SWAGGER_SETTINGS = {
 
 # Analytics
 
-CLICKY_SITE_ID = '101011008'
+CLICKY_SITE_ID = CFG['clicky_site_id']
 
-TWEET_ACCESS_TOKEN_KEY = "792366179780268032-tlk7QofNsx7GlNzefmHUzmxcpTITzyO"
-TWEET_ACCESS_TOKEN_SECRET = "sOhEZ1GyQ9ROzgmAKoNfQIjWaOKMMSgP03EIJuuIvLGRc"
-TWEET_CONSUMER_KEY = "gtXQGCMN98dnF6eut2F5xtDET"
-TWEET_CONSUMER_SECRET = "rS78fNy1E075bssAoZl45QJN27X7XoYhnhSFgvqpJ5V7d5R8Wp"
+TWEET_ACCESS_TOKEN_KEY = CFG['tweet_access_token_key']
+TWEET_ACCESS_TOKEN_SECRET = CFG['tweet_access_token_secret']
+TWEET_CONSUMER_KEY = CFG['tweet_consumer_key']
+TWEET_CONSUMER_SECRET = CFG['tweet_consumer_secret']