When a LUKS encrypted partition pops up the unlock window it gives 3 options for how to remember the password. The "Remember password until you logout" is always ticked by default. Is there a way to make "Forget password immediately" the default?
Enter a passphrase to unlock the volume:
[ ] Forget password immediately
[x] Remember password until you logout
[ ] Remember forever
Here are a few key points regarding making "Forget password immediately" the default when opening a LUKS encrypted partition:
By default, LUKS does not automatically forget the password after opening an encrypted partition. This is a security feature to allow users to remount the partition without re-entering the password.
However, for security reasons, it is generally recommended to configure LUKS to forget the password immediately after the partition is unmounted. This prevents the password from being stored in memory and potentially accessed by unauthorized users.
To make "Forget password immediately" the default when opening a LUKS encrypted partition, you can add the --key-file=/dev/urandom option to the cryptsetup luksOpen command. This will use a random key from /dev/urandom instead of storing the password in memory.
Alternatively, you can set the issue_discards option in the /etc/crypttab file for the LUKS device. This will cause the kernel to discard the encryption key when the device is closed.
Keep in mind that making the password forget immediately may be inconvenient if you need to frequently mount and unmount the encrypted partition. You'll have to re-enter the password each time.