Good afternoon everyone, I've been testing grapheneos for a few months. I have been able to verify on the lock screen of both the primary and secondary users that I can switch users on the lock screen even with Show device controls disabled in the lock screen settings.
There is also a small button from time to time to change users. I understand all this at the comfort level, but at the security level? If a person takes my mobile, why would I want them to be able to change users?
I think it should be optional to be able to change users on the lock screen.
Also add that sometimes being in the second user, when unlocking and asking for a pin, sometimes the smallest numbers appear, simple visual bug.

I hope everything can be understood well, I'm sorry for a possible bad English, I'm Spanish and I'm using the translator.
Also highlight how comfortable I am with the rom, these little things that I highlight are the only bad thing I found, at the moment lol. Greetings and regards :)

Hello!

To clarify, Android security model assumes that a single device can be used by multiple different users. That is exactly why user profiles feature exists.

Let me give you an example.
Let's say that you have a child and sometimes you allow them to use your phone. In this case, it makes sense for you to create a separate user profile for your child, install the needed apps, and maybe disallow installing new apps after that. You, as the owner of the device, should know the password to the owner profile and maybe even the password to your child's user profile but not necessarily. On the other hand, your child would only know the password to their own user profile. In this setup, your child can take your phone and switch to their user profile anytime without knowing the password of the owner profile.

That is how Android is designed and GrapheneOS only makes it better by allowing to have more user profiles, having a toggle for cross-profile notifications, and many many more features.

    Hulk I understand, thanks for the clarification. My point of view is different since my mobile is only mine hehehe but I understand that there are more cases apart from mine xd Thank you for giving me the other point of view.
    Greetings and I hope you have a good day <3

    a month later

    I agree with cogollos... GrapheneOS is intended to maximize not just the security but the privacy of one's device. Thus, it is a privacy issue to show the existing users in the lock screen; they definitely should be hidden. Furthermore it should be allowed to make some kind of super user that would be able to set permissions on the other users