My passwords would take thousands of ages of the universe to brute force. They're quite long.
But with chip n pin for all authentication, we would still be dependent on a four digit pin.
If the secret key is stored inside the chip and nowhere else, and if the chip is physically and electrically designed to resist extraction of the secret key, then all the chip has to do is to deliberately slow the process of reading the pin and "unlocking" the secret key, usually increasing the delay after each unsuccessful attempt. It can also self-destruct after some number of incorrect attempts.
This is exactly how the Apple iPhone does it, though instead of a credit card chip I believe it's implemented in a special purpose processor connected to those performing the rest of the phone's functions. It was also at the center of the recent standoff between Apple and the FBI over the phones recovered from the San Bernardino terrorist shooters. The FBI wanted Apple to hack the security processor to remove the delay after each unsuccessful attempt, and to allow unlimited tries.
But even if the 4-digit pin is used to encrypt the secret key, the system
is still vulnerable if its internal state can be read, e.g., by a scanning electron microscope. Then the trials can be performed on an emulator (a large general purpose computer array, or special hardware developed for the purpose) without any artificial slowdowns or limits. 10
4 = 10,000, which is a tiny number by today's standards.
This is why the FBI/Apple showdown wasn't really the one we fear may still come. Had the owners of the phone used a much stronger pin, which the iPhone optionally supports, it would have been impossible for Apple to help the FBI recover it
even if they had wanted to, even with the technology to read out the complete internal state. The FBI certainly must know this and may still push for legislation to ban the mere existence of such systems for everyone.
Fortunately, the tide seems to be turning. The former NSA and CIA director Gen. Michael Hayden is on record as disagreeing with the FBI; he argues (as do many of my colleagues and me) that we have much more to lose from the use of weak encryption by our economy than we have to gain by exploiting it in our adversaries. If I were cynical I'd say that's because the NSA has secretly figured out how to break everything but I don't think that's the case. I do think it's likely that they've found effective workarounds for specific instances (what Snowden revealed as "targeted systems operations" or something like that) and this presents much less of a threat to the general population.