I noticed something strange when attempting to change my encryption password on my librem 13, it seems that there are two keyslots which have different passwords enabled. After looking online it seems that this means that there are two separate passwords which will unlock the disk, however I am positive I only set one.
I decided to see if this was due to something that happened to me, if someone had somehow managed to hack me/get physical access or something and enable a separate password, so I downloaded another pureos image and loaded it in a VM. I went through the setup and installation and everything, and once everything was set up I checked the enabled passwords again with cryptsetup luksDump /dev/luksdevice, and found there were again two key slots with passwords enabled. I tried to delete the hidden password, however it was not the same as my password, wasn’t blank, and I was unable to access or delete it.
I’m not sure what could be causing this, it seems like anyone who knew this password could log into the device. If anyone has any ideas or could clear this up I would be very grateful, as it is very concerning.