We take security very seriously, of course, and the described problem is no exception. But to better understand what the problem is we need to know one thing:
– You say that three users were able to login to the machine. Were these users able to do so without a valid user name and without a valid system password?
– Or all of them had to provide valid credentials for the system (that has these three system users created)?
I have the impression that the problem is just regarding what desktop was presented to them (what Apple calls Fast User Switching). Please, be quick to respond because if this problem is really exposing NoMachine users to a risk, it’s important we react quickly.