Originally Posted by Kingston

If they used real security (like requiring a real password and disallowing PINs), only people who chose poor passwords would get compromised.
Those that chose properly random string passwords would be unaffected.

There's a reason no online bank lets you login with just your ATM PIN.