
For several reasons (I have an external monitor, etc.) when I booted the laptop I typed the FDE password (Full Disk Encryption on Linux, LUKS) without looking at the monitor, and I ended up typing the full password and hitting enter before the FDE prompt was available. This means that when I looked at the monitor, I saw something like:

'second-part-of-my-FDE-passphrase' and some message about GRUB not recognizing something.
GRUB> _ (This is a GRUB prompt, I think there was a GRUB prompt here)

That's all. So I hit ESC, and I went back to the list of available options / OSs to boot. Then I followed the usual procedure, as I always do: I selected my Linux OS as usual, saw the FDE password prompt, typed the password, everything was ok.

Now the question is: has my password been leaked somewhere? Was that a security blunder? What I've done is just go to /var/log and try `sudo grep -Eir --color 'fraction-of-a-word-in-my-passphrase'`, a couple of times for a fraction at the beginning and one at the end of the passphrase, and I found nothing related (although I might have missed something in case it ended up in "binary file foo matches", like in gz archives). By the way, these greps ended up in auth.log, and I later removed those lines.

Then I thought that it's probably useless to check if something has ended up on the disk, because at the time of the "blunder" it was encrypted to begin with. Also, even if something was written later, it will still end up being encrypted at rest (which is what FDE protects against). So leaking the FDE password in clear text inside an FDE disk is probably not a security issue. I think there is a partition that is not encrypted anyway, which should be /boot, which is apparently where anything before FDE lives (including GRUB). So I tried grepping pieces of words inside /boot too, and found nothing interesting (some binary files match, but I doubt my passphrases ended up inside a vmlinuz executable, you know).

So finally, did I miss anything? Should I check anything else? Should I stop being paranoid and forget about it? Should I change my password? But you know, changing a long passphrase that you have finally learned by heart so well is such a huge pain.

reed
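Added example, not part of the original question: one way to repeat the search described above so that gzip-rotated logs are decompressed and the fragment never appears on a command line (and therefore not in shell history or in the sudo entry in auth.log). The function names and the default directory list are assumptions made for this sketch.

```python
import getpass
import gzip
import os
import sys
import zlib

CHUNK = 1 << 20  # read 1 MiB at a time

def open_maybe_gzip(path):
    """Open path, decompressing transparently if it starts with the gzip magic."""
    with open(path, "rb") as fh:
        is_gzip = fh.read(2) == b"\x1f\x8b"
    return gzip.open(path, "rb") if is_gzip else open(path, "rb")

def file_contains(path, needle):
    """ASCII case-insensitive byte search; the overlap catches split matches."""
    needle, keep, tail = needle.lower(), len(needle) - 1, b""
    with open_maybe_gzip(path) as fh:
        while chunk := fh.read(CHUNK):
            window = tail + chunk.lower()
            if needle in window:
                return True
            tail = window[-keep:] if keep else b""
    return False

def scan_for_fragment(roots, needle):
    """Return sorted paths of regular files under roots that contain needle."""
    if not needle:
        raise ValueError("empty fragment would match every file")
    hits = []
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            for name in files:
                path = os.path.join(dirpath, name)
                if os.path.islink(path) or not os.path.isfile(path):
                    continue  # skip symlinks, sockets, device nodes
                try:
                    if file_contains(path, needle):
                        hits.append(path)
                except (OSError, EOFError, zlib.error):
                    print(f"skipped (unreadable): {path}", file=sys.stderr)
    return sorted(hits)

if __name__ == "__main__":
    # getpass keeps the fragment out of argv, shell history and sudo's log entry
    fragment = getpass.getpass("Fragment to search for: ").encode()
    for hit in scan_for_fragment(sys.argv[1:] or ["/var/log", "/boot"], fragment):
        print(hit)  # file names only, never the matching text
```

Files compressed with formats other than gzip (such as .xz) are searched as raw bytes only, so a fragment inside them would not be found.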

0 Answers