Edit: N1b summarized it more concisely. 😄 Anyway, here's the full post as I wrote it:
The first paragraph in this text summarizes common use cases of profiles: https://grapheneos.org/features#improved-user-profiles
Quote from the FAQ section of the website:
The advantage to using separate passphrases is in case an attacker records you entering it.
I'll add that user profiles allow you to have separate VPN services, so they are not shared between profiles.
Here's how I personally use profiles:
Owner profile:
- Basically 98% of my daily usage goes on here.
- I have "block connections without VPN" enabled, because I don't want IP leaks when I inevitably close the VPN app for some reason and forget to open it again.
Banking apps:
- Separate unlock PIN in order to slightly reduce the chance of compromise in case a thief snatches my phone out of my hands with my owner profile unlocked, or observes me entering the owner profile PIN. (Of course, a thief could just threaten me with violence if I don't immediately unlock the profile to transfer 40k to their bank account. Not much protection against that).
- No VPN service running in order to avoid my banks locking me out due to flagging my IP address as suspicious
Work apps:
- No VPN service running in order to avoid the IT security department from losing their heads and calling me late at night because they think someone somehow compromised my account by stealing my phishing-resistant security key...
- Don't want to look at work apps during my spare time if I can avoid it ("compartmentalisation" I believe it's called)
Testing profiles: I create profiles for testing various features in a more fresh environment, and to help with reproducing reported bugs.