LUKS = Linux Unified Key Setup
Add a label to a LUKS encrypted btrfs filesystem
Open the device:
sudo cryptsetup open /dev/sdxx name
Mount it:
udisksctl mount -b /dev/mapper/name
Add a label:
sudo btrfs filesystem label /run/media/user/some-UUID yourlabel
Label is effective for subsequent mounts.
Add a secondary PBKDF2 key for decryption
By default cryptsetup will use the Argon2i key derivation function. Decrypting the partition on a device with less memory than of the machine on which the encryption took place could fail when using cryptsetup with the default settings. (Argon2i is memory-hard, meaning it requires a significant amount of memory to compute, which makes it resistant to GPU and ASIC attacks.)
Add PBKDF2 key (PBKDF2 is more computationally intensive but does not have the same memory-hard properties as Argon2i):
sudo cryptsetup luksAddKey --key-slot 1 --pbkdf pbkdf2 /dev/sdxx
Decrypt the partition using the added key slot:
sudo cryptsetup open --key-slot 1 /dev/sdxx yourlabel