Some additional thoughts/informations:
1) recovery phrase like the electrum does as greg mentioned (**~**bip39) in case you have lost your wallet (encrypted or unencrypted) requires a bip32 hd wallet: at the moment not supported by bitcoin core.
As an aside, BIP39 is a poor design which was explicitly disowned by one of its original authors. It should not be used as a reference for useful behavior.
Totally agree.
If one decides to encrypt the wallet, all used private keys (`getnewaddress`, change addresses) where exposed plaintext over the wallet.dat file during the time between creation and encryption.
This is potentially misleading, as may sound to some like you're saying keys resulting from getnewaddress after encryption were also exposed but this isnt the case. Only keys from before the encryption were previously exposed, for the obvious reason.
Thanks for precision.
Right, every address (including change addresses) generated "after" the encryption happened, was never exposed in a unencrypted wallet.