I must have misunderstood. Regardless of how the image is built how would a user administer the workstation or gateway if there was no access to the root account and no sudo?
As it stands there are four accounts in Whonix, two in each VM. If a user made the password of all four the same, how bad would that be? I don’t see a problem in having the same password for root and regular user in the same VM at all, because both can do the same stuff given sudo. If I’m wrong about the last point please correct me.