Systems and methods for maintaining encryption keys are disclosed. An encrypted master key is determined by encrypting a master key based on an initial user password and discarding the master key. The encrypted master key is stored. A request for the master key including a present user password is received and verified based on comparison to the initial user password. Based on failure of verifying the present user password, a failed attempt counter that is maintained within a secure container is created. User password based access to the master key is locked out based on the failed attempt counter exceeding a defined value.