[progbits]

PIN for secure module with throttling and max wrong attempt count is indeed safer than a password you can brute force offline.

[andrewstuart2]

Brute forcing offline kinda only works if you have a stolen hash or artifact like that. For a service like Google, they definitely have rate limits on password attempts.

I'm not saying I prefer either one here, just that password authentication doesn't automatically mean you can brute force offline.

[postalrat]

The real key is stored in a chip. Your pin unlocks the real key. The chip has hardware to rate limit pin attempts.

These types of chips tend to have many layers of physical security to protect the real key.