diff --git a/pkg/config/config.go b/pkg/config/config.go
index c0520df..a344588 100644
--- a/pkg/config/config.go
+++ b/pkg/config/config.go
@@ -7,7 +7,6 @@ import (
 "os"
 "strings"
- "github.com/gofrs/uuid"
 "github.com/jaypipes/ghw/pkg/block"
 "github.com/kairos-io/kairos-sdk/collector"
 "github.com/pkg/errors"
@@ -121,25 +120,3 @@ func (c Config) LookupLabelForUUID(uuid string) string {
 return ""
 }
-
-// GetLabelForUUID returns the partition label for a known UUID
-// UUIDS are generated on luksify method
-// They are generated by setting the namespace to DNS and the name to the fs label, so they are always the same
-func (c Config) GetLabelForUUID(uuidCheck string) (string, error) {
- persistent := uuid.NewV5(uuid.NamespaceURL, "COS_PERSISTENT")
- oem := uuid.NewV5(uuid.NamespaceURL, "COS_OEM")
- fmt.Printf("Checking uuid: %s\n", uuidCheck)
- parsedUUID, err := uuid.FromString(uuidCheck)
- if err != nil {
- return "", err
- }
- switch parsedUUID {
- case persistent:
- return "COS_PERSISTENT", nil
- case oem:
- return "COS_OEM", nil
- default:
- return "", errors.New("no partition found with that uuid")
-
- }
-}
diff --git a/pkg/lib/lock.go b/pkg/lib/lock.go
index 98fc0c3..c91d082 100644
--- a/pkg/lib/lock.go
+++ b/pkg/lib/lock.go
@@ -76,6 +76,7 @@ func Luksify(label string, logger types.KairosLogger, argsCreate ...string) (str
 device := fmt.Sprintf("/dev/%s", part)
 extraArgs := []string{"--uuid", uuid.NewV5(uuid.NamespaceURL, label).String()}
+ extraArgs = append(extraArgs, "--label", label)
 extraArgs = append(extraArgs, argsCreate...)
 if err := CreateLuks(device, pass, extraArgs...); err != nil {
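Review bot: The added `--label` argument in Luksify (pkg/lib/lock.go) has no comment saying why the label now goes into the LUKS header, and nothing in the hunk checks that the header format can hold one. cryptsetup's `--label` applies to LUKS2 headers, so a caller that selects a LUKS1 format through `argsCreate` would presumably get a failed format or an unlabeled volume. Because `argsCreate` is appended after it, a caller-supplied `--label` would also appear twice on the command line. I would add `// --label needs a LUKS2 header; the label is plaintext, unauthenticated header metadata, not a secret` above the new line. Luksify's body starts and ends outside the hunk.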
@@ -207,10 +208,14 @@ func formatLuks(device, name, mapper, label, pass string, logger types.KairosLog
 return fmt.Errorf("mkfs err: %w, out: %s", err, out)
 }
+ // Refresh needs the password as its doing actions on the device directly
 l.Debug().Msg("discards")
- out, err = SH(fmt.Sprintf("cryptsetup refresh --persistent --allow-discards %s", mapper))
+ cmd := exec.Command("cryptsetup", "refresh", "--persistent", "--allow-discards", mapper)
+ cmd.Stdin = strings.NewReader(pass)
+ output, err := cmd.CombinedOutput()
+
 if err != nil {
- return fmt.Errorf("refresh err: %w, out: %s", err, out)
+ return fmt.Errorf("refresh err: %w, out: %s", err, string(output))
 }
 l.Debug().Msg("close")
diff --git a/pkg/lib/unlock.go b/pkg/lib/unlock.go
index 2fead66..1848ba5 100644
--- a/pkg/lib/unlock.go
+++ b/pkg/lib/unlock.go
@@ -3,7 +3,6 @@ package lib
 import (
 "fmt"
 "path/filepath"
- "strings"
 "github.com/anatol/luks.go"
 "github.com/jaypipes/ghw"
@@ -11,7 +10,6 @@ import (
 "github.com/kairos-io/kairos-sdk/types"
 "github.com/kairos-io/kairos-sdk/utils"
 "github.com/kairos-io/kcrypt/pkg/bus"
- configpkg "github.com/kairos-io/kcrypt/pkg/config"
 "github.com/mudler/go-pluggable"
 )
@@ -26,11 +24,6 @@ func UnlockAllWithLogger(tpm bool, log types.KairosLogger) error {
 bus.Manager.Initialize()
 logger := log.Logger
- config, err := configpkg.GetConfiguration(configpkg.ConfigScanDirs)
- if err != nil {
- logger.Info().Msgf("Warning: Could not read kcrypt configuration '%s'\n", err.Error())
- }
-
 blk, err := ghw.Block()
 if err != nil {
 logger.Warn().Msgf("Warning: Error reading partitions '%s \n", err.Error())
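Review bot: A passphrase that contains a newline would be cut short by the new `cryptsetup refresh` call in formatLuks (pkg/lib/lock.go), because `cmd.Stdin = strings.NewReader(pass)` feeds it on stdin and, without a `--key-file` option, cryptsetup reads a stdin passphrase only up to the first newline. Whether `pass` can contain one is not visible in this hunk, but a generated or KMS-supplied secret could, and the refresh would then fail on a volume that was just formatted. The input mode here should match the one used when the key slot was created. The existing comment could record the constraint: `// pass is fed on stdin, never argv; cryptsetup stops reading at the first newline`. formatLuks starts and ends outside the hunk.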
@@ -49,36 +42,22 @@ func UnlockAllWithLogger(tpm bool, log types.KairosLogger) error {
 for _, disk := range blk.Disks {
 for _, p := range disk.Partitions {
 if p.Type == "crypto_LUKS" {
- // Get the luks UUID directly from cryptsetup
- volumeUUID, err := utils.SH(fmt.Sprintf("cryptsetup luksUUID %s", filepath.Join("/dev", p.Name)))
- logger.Info().Msgf("Got luks UUID %s for partition %s\n", volumeUUID, p.Name)
- if err != nil {
- return err
- }
- volumeUUID = strings.TrimSpace(volumeUUID)
- if volumeUUID == "" {
- logger.Warn().Msgf("No uuid for %s, skipping\n", p.Name)
- continue
- }
 // Check if device is already mounted
 // We mount it under /dev/mapper/DEVICE, so It's pretty easy to check
 if !utils.Exists(filepath.Join("/dev", "mapper", p.Name)) {
- logger.Info().Msgf("Unmounted Luks found at '%s' \n", filepath.Join("/dev", p.Name))
+ logger.Info().Msgf("Unmounted Luks found at '%s'", filepath.Join("/dev", p.Name))
 if tpm {
 out, err := utils.SH(fmt.Sprintf("/usr/lib/systemd/systemd-cryptsetup attach %s %s - tpm2-device=auto", p.Name, filepath.Join("/dev", p.Name)))
 if err != nil {
- logger.Warn().Msgf("Unlocking failed: '%s'\n", err.Error())
- logger.Warn().Msgf("Unlocking failed, command output: '%s'\n", out)
+ logger.Warn().Msgf("Unlocking failed: '%s'", err.Error())
+ logger.Warn().Msgf("Unlocking failed, command output: '%s'", out)
 }
 } else {
- p.FilesystemLabel, err = config.GetLabelForUUID(volumeUUID)
- if err != nil {
- return err
- }
 err = UnlockDisk(p)
 if err != nil {
- logger.Warn().Msgf("Unlocking failed: '%s'\n", err.Error())
+ logger.Warn().Msgf("Unlocking failed: '%s'", err.Error())
 }
+ logger.Info().Msg("Unlocking succeeded")
 }
 } else {
 logger.Info().Msgf("Device %s seems to be mounted at %s, skipping\n", filepath.Join("/dev", p.Name), filepath.Join("/dev", "mapper", p.Name))
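Review bot: The added `logger.Info().Msg("Unlocking succeeded")` sits after the `if err != nil` block that follows `UnlockDisk(p)`, so it is logged even when the unlock failed, directly after the warning. On a disk-unlock path the log is what an operator or responder reads to see which volumes were opened, so the success line belongs in an else branch: `} else { logger.Info().Msg("Unlocking succeeded") }`. The message also omits the device, unlike the "Unmounted Luks found" line, and the TPM branch above reports failures but never success, so the two branches log differently. UnlockAllWithLogger starts and ends outside the hunk.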