An easy way to remove an EFI Firmware Password from a users device (Maybe a click button in the console where the password is displayed?) and also a way to re-apply it more easily after performing SMC (System Management Controller) and PRAM/NVRAM (Parameter Random Access Memory / Non-Volatile RAM) resets. (I contacted support beforehand. Even better would be a way to push an SMC reset to the machine, or PRAM, but I don't think this would be possible???
At the moment, I am booting into recovery on a users device, turning the EFI PW off, restarting, performing a SMC reset or PRAM/NVRAM reset, then re-enrolling the user into MDM, this re-applies the EFI PW, but then the user is not enrolled through DEP any more.
This is incredibly cumbersome and I could imagine this affects many people, and users. It would cut admin time down.