Bank PINs aren't really about password strength though. To prevent brute force, they simply block access after n tries (usually n = 3). They are just a way of preventing access to the card in case of loss or theft. So as long as there are enough combinations to make the chance of a successful brute force after three tries small enough, it doesn't really matter how strong the password is.
For online banking, there are usually added security schemes and the PIN isn't used at all.
For online banking, there are usually added security schemes and the PIN isn't used at all.