If a meeting has a password required and also lobby enabled, would it make sense to have the password grant co-moderator permissions, and everyone who didn’t enter the password but got admitted to the meeting via lobby request, gets no permission to change any meeting-wide setting?
Welcome to the forum!
If you’re talking about the public instance at meet.jit.si, everyone is a moderator by default, so you can’t easily assign those privileges (you could try using URL params).
If you’re hosting your own Jitsi server however, you can implement Secure domain, which would require the moderator to authenticate, hence gaining moderator privileges. Everyone else will get in as a guest and won’t be able to make any meeting-wide changes.