Since Debian 13 (Trixie), when using the default FDE which uses grub to decrypt the luks partition, I have a single attempt
When the password is mistyped there is a long pause (over 10 seconds) and then the error appears.
I already tried increasing the max tries, which seems to be set to 1 when a keyfile is used.
Will update for more info


Is it? I always though the password is hashed via Bcrypt (or similar) with very high difficulty so it takes some time to check
Disk encryption is Luks not bcrypt and Luks timeouts are configurable.
So, it is purely a software timeout and not hardware due to key derivation algorithm? That’s partly understandable and partly a security hole if it can be disabled so easily.