Am I wrong, or has this always been a known threat vector? Brute-forcing a password has been a thing for decades, and while more powerful hardware does make it more of a threat, it's not really any different from the other "decryption" techniques the use bruteforcing. This has been a thing on iPhone and Android for a while with the Greykey, too.