So I ran across this article where a UK bank is replacing PIN codes with emoji. I get the point. One of the main problems with PIN codes is that in general they are only 4 digits, so short in a small password space. So one of the main points of this system is to increase the password space from 10 to 44 (in this particular case, anyway). It doesn’t seem like they are looking to increase the length, but just the number of “characters” that can be selected from.

So this is important, it is always better to increase the password space if you need to use fixed passwords (or PIN codes), but is emoji really the answer? I  got a laugh out of this because 15 years ago I worked on an image-based login method for mobile devices, so this isn’t exactly a new idea, but it shows how you also need to be aware of where you are logging in. In this case a 2FA setup is not likely to work, though as more devices come out with fingerprint sensors, FIDO clients should become more common for protecting access to services like this.