Emojis in passwords would both make passwords more secure and easier to remember for some people. The drawback is that they're very hard to enter in normal, physical keyboards.
Another problem that's easy to overlook until it isn't is entering your password in front of people - if you're selecting stuff on screen then that's a lot more likely to be seen than typing on the keyboard.
> If password is short, it's still gonna be quick to crack
Only if the cracker is brute-forcing instead of using common passwords mixed with dictionary words, and if the brute-forcer thought to implement emojis. Given how many emojis there are, it would by psychotic to include them in a brute-force attack unless you already know the person used emojis.
There are ~1800 widely supported emojis. That blows out the search space. There are 10^19 possible passwords for a 6 character alphanum+emoji, the same as a 10 character password using just alphanum + simple keyboard symbols.
But what's the actual distribution of usage of emoji? I'm guessing there is a small-ish set that people actually use, just like there is a small-ish set of words that people will pick from if you ask them to pick a passphrase containing "random" words.
Unless you pick the passphrase for them, you're not really gaining the advantage of the search space size.
Except people will probably stick to a few common ones and do a pattern. Love eyes x2 heart heart, thumbs up -- just like people don't pick words uniformly.
If they're randomly generated, are they still going to be easy to remember? User-chosen emoji passwords would probably be even weaker than user-chosen passphrases.
But does it really improve security that much? If password is short, it's still gonna be quick to crack.