Here is a question for all your developers and Symantec guys - Would not the addition of TPM support provide greater security with WDE?
Say a bad guy takes your hard drive. Even if you have a really crappy password, the bad guy cannot brute force decryption since, even with a valid password (or having guessed the password), the drive cannot be decrypted, right?
It would also force the bad guys to do a brute force decryption using your own computer instead of on their super computers, right? Which would be a much slower process since they would not be able to modify or somehow do something to your hardware (or add something to it) that would speed the process along, right?
Also, as an additional idea, how about placing a time out of like 5 minutes when you mess up the password 3 or so times? Then, keep increasing the time out times after each set of 3 (or whatever) unsuccessful guesses, so that after the 4th or 5th set, you're timed out for 24 hours. Would that not stop brute force attempts even if the hard drive is hooked up to their super computer?