I am wondering why GrapheneOS don't implement biometric BUT only with 2FA , for example: use finger and then a Android ask for specific password/pin to unlock device, this would let people use biometric with pass and don't worry about forcing by law enforcment or other