In the EFDE policy we have total recovery password uses, and the recovery password reset when it reaches a number of uses left. The issue I see with this is that the user can reuse the same recovery password until they reach the auto-generate new password in policy, could we have this to where it could generate a new password after a number of use? For example in policy there's 20 recovery password uses, and it'll auto-generate a new recovery after every 2 recovery password used, and it'll warn the user when there's 4 total recovery password uses available before recovery data needs to be done. Another thing in entering incorrect password at the EFDE login screen, sometimes I get more attempts than I'm allowed and/or system reboot after 3 times. I'm thinking there's a bug in the password attempts, but it would nice for users to see how many more attempts until the current password is disabled.