by rjp0008 1636 days ago
Can't use the same PIN, as a hacker would just add myhackurl.com/login to your vault and see what the PIN came across as. I think you'd also run into issues with password length as a lot of sites still have a restriction. I like the idea though and maybe a different implementation could work.
1 comments

I mean a PIN that's not stored in the vault or auto-filled. It would be something extra that you add manually after the password manager fills in the password.

So the password manager would put in 'password' and I'd manually type '1234' to make it 'password1234'.

That would not have stopped the vulnerability 'LastPass bug leaks credentials from previous site' (see ZDNet article posted elsewhere), though that's not a common vulnerability in software.