It would be extremely difficult to brute force a passphrase regardless of how strong it is. To even attempt to use a passphrase you have to disconnect/reconnect the device and know the original 12/24 seed words in addition to knowing there is actually funds hidden in some unknown passphrase.

The only advantage is the device won't self destruct after three failed attempts like the PIN because there is no such thing as a "wrong" passphrase as any passphrase can be paired with a set of seed words.

Posted Using LeoFinance ^Beta