Skipry you can do either, depending on your threat model and use cases. Some people prefer fewer profiles (or in my case, two devices with one profile each), others like many profiles and make use of the features like notification forwarding. You could also decide to mainly use user profiles, but have your owner profile take care of installing and updating all apps and passing them through to the respective user profiles (to not have to juggle different app stores or update routines).
Regarding pin: You could decide to not use pin or password for profiles, so you don't have to enter anything (but that's true for everyone else and dramatically decreases your security). You could also decide to use finger print unlock. Since the profiles are mostly separated and some global settings are managed by the owner profile, you need to be aware that:
- whenever you change to another profile, you'll have to unlock it (and in the process you lock the profile you're coming from).
- upon rebooting the device or activating lockdown mode, you must unlock the owner profile first and you must do so with password/pin as fingerprint won't work on first unlock.
All of this is part of the AOSP/GOS security model to help you protect your data. If you need convenience, I suggest using fingerprint unlock and setting auto reboot to 48h. The phone would then only reboot when lost or after updating (or of course if you let it run out of battery).