Currently, once a Device Encryption password/PIN is set in IGEL OS 12, it cannot be changed by the user or administrator without reinstalling the OS.
This creates operational and security challenges:
- Users cannot change their password/PIN periodically.
- Compromised passwords/PINs cannot be rotated.
- Forgotten passwords require a full OS reinstallation.
- This does not align well with common security policies and compliance requirements.
Please add support for:
- User-initiated password/PIN changes (after entering the current password/PIN).
- Administrator-assisted password/PIN reset or recovery.
- Optional recovery key functionality
This would significantly improve security, usability, and enterprise manageability of Device Encryption in IGEL OS 12.