Planning your return to office strategy? See how Chrome OS can help.

Let multiple users sign in at the same time

For managed Chrome OS devices.

By default, users can sign in to multiple Google Accounts at the same time on a device running Chrome OS. Users can switch between accounts without signing out and in again. As a Chrome administrator, you can control whether multiple users can sign in on a device. For example, you can specify that the first user must sign in to a managed Google Account. Or,  you can allow only one user to sign in at a time.


  • The first user to sign in is the primary user. Subsequent users are secondary users.The data in each user account is kept separate.
  • Device-level settings that you set using the Google Admin console apply to all users on a device, even if they sign in as a guest or with a personal Google Account.
  • Most user-level policies are individually applied to each account on a device. However, if a primary user signs in to a managed Google Account, the following user policies that you set also apply to secondary accounts on the device:
    • Admin ConsoleScreenshot, External storage devices, and Online revocation checks. For information about these settings, see Set Chrome policies for users or browsers.
    • Chromium policies that are not applied individually to each account. In the Chromium policy list, search for policies with Per Profile: No. See the Policy List.
  • On a device running Chrome OS, the primary user’s password unlocks the screen. To prevent unmanaged users from unlocking a screen and accessing primary and secondary accounts, only let users with a managed Google Account be primary users.
  • Secondary users on a device might be able to access your network, even if they don’t have a managed Google Account. For example, apps and extensions that you do not allow users in your organization to install can be installed in secondary accounts. Those apps and extensions might access your network. To prevent unmanaged access to your network, do not let users sign in to more than one account at a time.

Let multiple users sign in to a device

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in

  2. From the Admin console Home page, go to Devicesand thenChrome.
  3. Click Settingsand thenUsers & browsers
  4. To apply the setting to all users, leave the top organizational unit selected. Otherwise, select a child organizational unit.
  5. Go to User experienceand thenMultiple sign-in access.
  6. Choose an option:
    • To let multiple users sign in at the same time but specify that the primary user must sign in to a managed Google Account, select Managed user must be the primary user (secondary users are allowed).
    • To let multiple users sign in and allow the primary user to sign in to an unmanaged account, such as their personal Google Account, select Unrestricted user access (allow any user to be added to any other user’s session).
    • To prevent managed users from signing in to more than one account at a time, select Block multiple sign-in access for users in this organization.
  7. At the bottom, click Save.

Related topics

Was this helpful?
How can we improve it?
Clear search
Close search
Google apps
Main menu
Search Help Center