Since Debian 13 (Trixie), when using the default FDE which uses grub to decrypt the luks partition, I have a single attempt
When the password is mistyped there is a long pause (over 10 seconds) and then the error appears.
I already tried increasing the max tries, which seems to be set to 1 when a keyfile is used.
Will update for more info
Disk encryption is Luks not bcrypt and Luks timeouts are configurable.
So, it is purely a software timeout and not hardware due to key derivation algorithm? That’s partly understandable and partly a security hole if it can be disabled so easily.