  • Work Profile vs. User Profile

  • [deleted]

What are the advantages of using an extra user profile over a work profile, which is obviously a lot more convenient?
Of course I have to trust another app to "activate" the work profile (e.g. Insular) but besides that does a user profile just have even better isolation or how does this work?

Work profiles are convenient but that's about it. They should not be considered as a proper separate workspace, which user profiles are. Each user profile has its own encryption keys, making them more powerful if you want to strictly isolate data that apps should never have access to. And as you said, you don't need a third-party app to enable and manage the feature.

GrapheneOS plans to add cross-user-profile notifications in the future to make them even more convenient.

    Wonderfall Each user profile has its own encryption keys

    This is also true for work profiles.

    Wonderfall making them more powerful if you want to strictly isolate data that apps should never have access to

    This can be done perfectly well with work profiles too, in fact, it's the very thing they were designed to do - provide isolation between work and personal data.

    Wonderfall And as you said, you don't need a third-party app to enable and manage the feature.

    This is the only disadvantage of work profiles I see, although it's quite a big one.

      kokolem This is also true for work profiles.

      Not in the same way user profiles do. By their very nature, user profiles provide totally different workspaces and GrapheneOS provides the option to put the entire profile at rest with an "End session" button. Encryption keys are protected by their lock method like you would expect. You don't get that flexibility with work profiles.

      In fact, each user profile has its own Weaver slot on the secure element. Compared to stock OS, GrapheneOS raises the number of user profiles from 4 to 16. That's one of the ways (including the upcoming cross-profile notifications feature) GrapheneOS aims to make user profiles more convenient and the de facto choice for compartmentalization.

      By design, work profiles are also made to allow communication between apps on the user profile and the nested work profile. That can't happen with apps on different user profiles (even with the mutually consented IPC that takes place in a user profile) unless they use the network (which can be revoked by the network permission, including localhost).

      (Also to be clear, the app sandbox always applies whether you use work/user profiles or not. These profiles are not substitutes for the app sandbox.)

      kokolem This is the only disadvantage of work profiles I see, although it's quite a big one.

      Yeah, because the device manager app has ownership over the data of the work profile it manages, and not yourself, fundamentally. You're trusting a third-party app with considerable permissions over that data. Work profiles were designed with BYOD deployments (bring your own device) in mind.

      For these reasons, we often recommend user profiles as the preferred way to create isolated workspaces. I hope I was able to give a satisfying enough answer to explain why.

      External documentation to learn more about user/work profiles:
      https://source.android.com/devices/tech/admin/multi-user
      https://source.android.com/devices/tech/admin/managed-profiles

      6 months later

      As much as I want to like user profiles, they have some glaring inconveniences that would be problematic at least for me. The first is notifications - while there is now notification forwarding, it seems to never show notification content, even if the content would be available on the lock screen. Switching between user profiles is also a big pain requiring many extra interactions (swipe down to get the notification tray, swipe down again, tap to pull up the set of user profiles, tap on the one I want, and then wait several seconds for the fingerprint sensor to wake up, or type in the passcode). Finally, with work profiles you can e.g. be on a call in Discord in the main profile, while using an app from the work profile at the same time; as far as I understand it, this isn't possible with user profiles. For my use cases these inconveniences make user profiles just really not work. Are there any ways in which these pain points might be addressed in the future?

        pythoner6 I am also interested in your use case. The question is, why do you need two different profiles (work or user) at all?

        As I understand it, the apps are already in a sandbox and cannot interact with each other without explicit permission. The additional layer of a second profile would be redundant in that case. The only additional information you reveal is the other apps installed in the profile. I don't know if this information is really valuable to hide.

        I can't say I fully understand exactly how things are sandboxed so maybe the profile isn't too necessary from that perspective. However the main thing is that it lets me have a second copy of apps (signed into different accounts), and be more sure I'm not accidentally giving permissions I didn't mean to. E.g. if I accidentally give permissions to see contacts, in the work profile I don't have any contacts.

          pythoner6 I'm also still trying to figure out the best way to use profiles.

          If you want to use different accounts in the same application, different profiles are the way to go. However, you should be aware that using different identities in different profiles doesn't provide any privacy benefits without tweaking other things. It shouldn't be too hard to figure out that you are the same person using two accounts.

          9 months later

          If I may resurrect this thread...

          I need a couple of apps that require Play Services to work. I don't want to install Play Services in my main profile or have Play Services access anything on my phone or be able to run in the background when I'm not using one of the apps in the other profile. But I want to get notifications from these apps and not to be inconvenienced too much.

          The apps are:

          • various banking apps that most likely won't run without Play Services
          • Ring doorbell app and another proprietary app connecting to my burglar alarm, both need perfectly working notifications to be useful
          • Kakaotalk (Korean messenger), needs working notifications

          For this use case would a work profile be enough?

            Elk9877 I had the same requirements and opted to use Shelter and install Google Play (and services) in the work profile only. Then I install any apps I need to get from Play in that profile. That way WhatsApp, Google services, etc. can't see my contacts, files, SMS, etc., except for what is in the work profile, which is nothing.

            2 months later

            I've been experimenting with a work profile as a gatekeeper for Google Play Services. One thing I have found is that some apps that are only available from the Play Store need Play Services to be running every time you launch them, while others do not. For example I needed Play Services running on my first run of JuiceSSH, because I needed to get the app to recognise my Pro licence. After that it ran just fine without. So I can run my work profile with Play Services frozen most of the time. PayPal won't run without Play Services (though I believe the web app will work just fine without.)

            For cases where I want a high level of privacy, such as banking apps, I still keep separate user profiles.

            9 months later

            Can someone share the location of the work profile creation page in Settings? I can see there is an app called Work Setup; it looks like it's a system app, but nowhere on my P8 can I choose to create a work profile. When I enable the multiple users feature, there are options to create a user profile and/or guest profile, but there is absolutely no work profile.

              Was this all spoken in relation to stock Android? I just realized after checking the links from above. Never mind then.

              Themble Thank you, the fact that there is already an app Work Setup would make it harder for me to figure this out. Until recently I easily managed to keep my setup very minimalist, if not ascetic, by following one rule that I came up with way before I discovered GOS, and I gladly saw that GOS devs are also recommending it. It is to keep as few apps as possible and stick to web browser services. I never had an issue until work required me to use MS Teams, which can also be achieved with a web browser, but I guess this is the point when the decrease in convenience makes it worth it to finally make use of this bulletproof wall GOS provides us to keep untrusted apps in control and still be able to benefit from them. Can you in a couple of words tell me the key pros and cons between the user vs work profile, please?